[Bro] Detect tor

ps sunu pssunu6 at gmail.com
Wed Feb 22 07:26:36 PST 2017


OK, thanks for your info.

On Wed, Feb 22, 2017 at 6:51 PM, fatema bannatwala <
fatema.bannatwala at gmail.com> wrote:

> Another thing you could try: if you use the Intel framework, you can
> feed it the IOC data for Tor and load it in Intel, so that you will
> get logs in intel.log whenever there's a hit on Tor IPs in your
> network traffic.
>
> Thanks,
> Fatema.
>
> On Wed, Feb 22, 2017 at 4:50 AM, ps sunu <pssunu6 at gmail.com> wrote:
>
>>
>> -----
>> Hi,
>> Which is the best Tor detection script in Bro? Is the one below
>> good, or is there any other script?
>>
>> https://raw.githubusercontent.com/sethhall/bro-junk-drawer/master/detect-tor.bro
>>
>>
>> Regards,
>> Sunu
>>
>>
>>
>>
>
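
The Intel framework approach suggested in the quoted reply needs the Tor addresses in Bro's tab-separated intel file format. The following is an added example, not code from this thread or from the Bro project: it converts a plain list of IP addresses into such a file. The one-address-per-line input format, the `tor-exit-list` source label, the function names and the file path in the comments are assumptions, and the sample addresses are constructed from documentation ranges.

```python
import ipaddress

# Header the Intel framework's input reader expects; fields are TAB-separated.
INTEL_HEADER = "#fields\tindicator\tindicator_type\tmeta.source\tmeta.desc"


def parse_addresses(text):
    """Return unique, valid IP addresses from a one-per-line list, in input order."""
    seen, out = set(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments and whitespace
        if not line:
            continue
        try:
            addr = ipaddress.ip_address(line)  # accepts IPv4 and IPv6
        except ValueError:
            continue  # skip malformed entries instead of writing them to the feed
        if addr not in seen:  # differently written IPv6 forms compare equal
            seen.add(addr)
            out.append(addr)
    return out


def to_intel_file(text, source="tor-exit-list", desc="Tor exit node"):
    """Render the address list as the contents of a Bro intel file."""
    # A literal tab inside a field would shift the columns, so replace it.
    source, desc = (s.replace("\t", " ") for s in (source, desc))
    rows = [INTEL_HEADER]
    for addr in parse_addresses(text):
        rows.append("\t".join([str(addr), "Intel::ADDR", source, desc]))
    return "\n".join(rows) + "\n"


# Constructed sample input (documentation address ranges, not real Tor nodes).
SAMPLE = """\
# constructed sample list
192.0.2.10
198.51.100.7   # trailing comment
192.0.2.10
not-an-ip
2001:db8::1
2001:0db8:0:0:0:0:0:1
"""

if __name__ == "__main__":
    # Write the output to a file and load it from local.bro, for example:
    #   @load frameworks/intel/seen
    #   redef Intel::read_files += { "/path/to/tor.intel" };  # placeholder path
    print(to_intel_file(SAMPLE), end="")
```

Matches on the listed addresses are then written to intel.log, as described in the reply.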