[Bro] Various OSs detection using Bro

Zeolla@GMail.com zeolla at gmail.com
Wed Mar 1 10:27:18 PST 2017


https://github.com/bro/bro/blob/master/scripts/base/misc/p0f.fp ?

We used it before and it was very false-positive prone, which is actually
why Vlad worked on the Windows detection script in the first place.

Jon

On Wed, Mar 1, 2017 at 12:20 PM fatema bannatwala <fatema.bannatwala at gmail.com> wrote:

> I was wondering if anyone has tried detecting different OSs using Bro.
> I know Bro ships with a Windows version detection script, and to add to the
> OS detection, I have written two more scripts to detect MacOS and iOS.
>
> Next, I was trying to write something to detect Linux OSs, for Android phones
> and other PCs that might be running some kind of Linux OS.
>
> So, before trying to re-invent the wheel, I wanted to ask if someone is trying
> to address a similar use case and would like to share the scripts, or if
> someone has any pointers to any specific way of detection and has any
> pointers in that direction! :)
>
> Thanks,
> Fatema.
