[Bro] Detect tor
fatema bannatwala
fatema.bannatwala at gmail.com
Wed Feb 22 05:21:32 PST 2017
Another thing you could try is, if you use the Intel framework, then you can
feed the Intel FW with the IOC data for TOR, and load it in Intel, so that
you will get logs in intel.log whenever there's a hit on TOR IPs in your
network traffic.
Thanks,
Fatema.
On Wed, Feb 22, 2017 at 4:50 AM, ps sunu <pssunu6 at gmail.com> wrote:
> Hi,
> Which is the best TOR detection script in Bro? Is the one below
> good, or is there any other script?
>
> https://raw.githubusercontent.com/sethhall/bro-junk-drawer/master/detect-tor.bro
>
>
> Regards,
> Sunu
>
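
The Intel-framework approach suggested in the reply above needs the Tor IP list converted into Bro's tab-separated Intel file format. The following is an added example, not part of the original thread or of any Bro script: it assumes the feed is a plain text list with one IP per line, and the function name, source label, and file path are hypothetical.

```python
import ipaddress

# Header fields of a Bro Intel file; columns MUST be separated by tabs.
INTEL_FIELDS = ("indicator", "indicator_type", "meta.source", "meta.desc")

def build_intel_file(ip_lines, source="tor-exit-list", desc="Tor exit node"):
    """Turn text lines (one IP per line) into Intel-file text.

    Returns (intel_text, rejected_lines). Blank lines and '#' comments are
    skipped, duplicates are collapsed, and anything that is not a valid
    IPv4/IPv6 address is rejected instead of being written to the feed.
    """
    seen, rows, rejected = set(), [], []
    for raw in ip_lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            addr = ipaddress.ip_address(line)
        except ValueError:
            rejected.append(line)  # keep for review; never feed garbage to Intel
            continue
        if addr in seen:
            continue
        seen.add(addr)
        rows.append("\t".join((str(addr), "Intel::ADDR", source, desc)))
    header = "#fields\t" + "\t".join(INTEL_FIELDS)
    return "\n".join([header] + rows) + "\n", rejected

# Constructed sample feed (documentation-range addresses, not real Tor nodes).
SAMPLE_FEED = """\
# constructed sample list
192.0.2.10
198.51.100.7
192.0.2.10
2001:db8::1
not-an-ip
203.0.113.300
"""

if __name__ == "__main__":
    text, bad = build_intel_file(SAMPLE_FEED.splitlines())
    print(text, end="")
    print("rejected:", bad)
    # Bro side (e.g. local.bro); the file path is a placeholder:
    #   @load frameworks/intel/seen
    #   redef Intel::read_files += { "/path/to/tor.intel" };
```

With the file loaded, connections to or from a listed address produce entries in intel.log, as the reply describes.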