[Bro] All file extraction
김수련
sunari1031 at gmail.com
Thu Mar 9 20:15:54 PST 2017
Hi All,
I am new to Bro and want to extract all files on my network. (smb, http,
and whatever all protocols)
I probably need to set up proper server spec and bro cluster to extract all
files.
However I don't know what the spec I need.
On my network traffic is below.
- maximum throughput is around 55m bits per second.
- maximum packets are around 6k packets per second.
Please give me some advice to build bro.
And I have one more question.
Some extracted files' hash isn't same to origin file' hash when I tested
bro on virtual machine before setting up bro on real network.
Is it because of the server spec? (lost some packets?)
Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170310/2bf5b0c9/attachment.html
More information about the Bro
mailing list