[Bro] Ip-based
Daniel Manzo
daniel.manzo at bayer.com
Fri Sep 16 06:59:46 PDT 2016
Okay, I meant IP address based. By that I mean - are there any settings or configuration files that require specific IPs to be set in order for Bro to work? I'm trying to explain to my colleague how Bro works, but having a hard time myself. From my understanding it doesn't need any IP addresses, and will monitor whatever traffic is incoming from the server's NICs. Is this correct?
Thanks,
Dan Manzo
From: bro-bounces at bro.org [mailto:bro-bounces at bro.org] On Behalf Of K2
Sent: Friday, September 16, 2016 9:46 AM
To: bro at bro.org
Subject: Re: [Bro] Ip-based
What do you mean by IP-based? Are you asking if it is designed for intrusion prevention? The answer to that would be no.
Bro gives you pretty much all the information you'd ever want to know about your network traffic, but leaves it to the analyst to decide what is good and what is bad.
Kory
On Fri, Sep 16, 2016, at 08:25 AM, Daniel Manzo wrote:
Hi all,
Just to verify before setting up Bro, this IDS is not IP-based, correct? It looks like it is not, but I just want to be certain.
Thanks,
Dan Manzo
_______________________________________________
Bro mailing list
bro at bro-ids.org<mailto:bro at bro-ids.org>
http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160916/d78a97f8/attachment-0001.html
More information about the Bro
mailing list