[Bro] Trouble with pppoe-traffic
Александр Кубышин
sansan94 at mail.ru
Wed Sep 5 02:31:54 PDT 2018
Good day all,
My IDS server receives mirrored traffic from the switch. In addition to classic traffic, I also see pppoe traffic.
But the bro why does not recognize this traffic. What could be the problem?
What kind of customization is needed for the bro to see this type of traffic?
Here are links to samples of this traffic:
* https://www.dropbox.com/s/2fdxpdxkv0pm31s/pppoe_get.pcap?dl=0
* https://www.dropbox.com/s/jb6yazrfeydtrqm/pppoe_get2.pcap?dl=0
--
Alexander Kubyshin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180905/79c587d1/attachment.html
More information about the Bro
mailing list