[Bro] BRO - Ransomware
Raj Kumar
rak at capmon.dk
Fri May 26 12:02:06 PDT 2017
Hi All,
If am trying to add smb-ransomware.bro , to my bro setup ,where should I
include this in the bro directories.
root at csh:/home/raj# find / -name "smb"
/nsm/bro/share/bro/policy/protocols/smb
/nsm/bro/share/bro/base/protocols/smb
/opt/bro/bro-2.5/testing/btest/Traces/smb
/opt/bro/bro-2.5/testing/btest/scripts/base/protocols/smb
/opt/bro/bro-2.5/scripts/policy/protocols/smb
/opt/bro/bro-2.5/scripts/base/protocols/smb
/opt/bro/bro-2.5/build/src/analyzer/protocol/smb
/opt/bro/bro-2.5/src/analyzer/protocol/smb
and after this I can include in local.bro, @load policy/protocols/smb
Thanks,
*Raj*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170526/1afc7595/attachment.html
More information about the Bro
mailing list