[Bro] Bro Signatures
Zeolla@GMail.com
zeolla at gmail.com
Thu Feb 15 07:09:15 PST 2018
Bro doesn't really work that way, so it would be hard to make that
comparison.
https://www.bro.org/sphinx/frameworks/signatures.html#so-how-about-using-snort-signatures-with-bro
Bro does have the concept of signatures, it's just used in a way that is
very different than Snort would. It may make sense to read more of
https://www.bro.org/sphinx/frameworks/signatures.html
There is also this - https://github.com/corelight/bro-protosigs - for using
signatures in bro to do simple detection of some protocols, but it
definitely isn't meant to work in the way Snort signatures would.
Jon
On Thu, Feb 15, 2018 at 8:36 AM Bibin Koshy <koshybibin3 at gmail.com> wrote:
> Hi,
>
> I am trying to compare Snort and Bro IDS on the basis of
> signatures/rules.Is there any repository for Bro rules/signatures? I
> haven't got any signatures examples online. It would be a great help if you
> could suggest some signatures to find basic attacks.
>
> Thank you
> Bibin Koshy
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
--
Jon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180215/34d4b6c0/attachment.html
More information about the Bro
mailing list