[Bro] Analysers for IoT protocols

Seth Hall seth at corelight.com
Fri Sep 7 10:48:36 PDT 2018 

I have turned that MQTT analyzer into a plugin (and done a bunch of 
extra work on it, including fixing some bugs).
		https://github.com/sethhall/bro-mqtt

   .Seth

On 6 Sep 2018, at 23:55, Will Hawkins wrote:

> Found this on github: https://github.com/supriyask/Bro
>
> I have a friend that uses MQTT extensively and he knows that there are
> wireshark dissectors for MQTT, but neither my friend nor I can verify
> that code from Github. Just thought I'd toss it out there in case you
> hadn't seen it.
>
> Hope that helps!
> Will
>
>
> On Thu, Sep 6, 2018 at 3:48 PM, Rob Smith <smithr at phirelight.com> 
> wrote:
>> Newbie here,
>>
>> I am trying to find analysers for IoT protocols (MQTT, CoAP, etc).  I 
>> have
>> been unable to locate any.  I thought I'd reach out and see if anyone 
>> has
>> been looking for the same and whether or not something is available.
>>
>> If this has been covered in previous threads, my apologies.
>>
>>
>>
>> Rob Smith
>> Senior Solutions Architect
>> Phirelight Support
>>
>> Phirelight Security Solutions Inc.
>> 293 MacLaren Street
>> Ottawa, Ontario, K2P 0L9
>>
>> tel: + 1 (613) 276-8443 Ext. 325
>> cel: + 1 (613) 617-8443
>> alt: + 1 (877) 672-8070
>> fax:+ 1 (613) 422-8475
>> email: smithr at phirelight.com
>> web:   www.phirelight.com
>> twitter: @PhirelightInc
>> linkedin: Phirelight
>>
>> This communication contains confidential information intended solely 
>> for the
>> use of the individual(s) and/or entity or entities to whom it was 
>> intended
>> to be addressed. If you are not the intended recipient, be aware that 
>> any
>> disclosure, copying, distribution or use of the contents of this
>> transmission is prohibited.  If you have received this communication 
>> in
>> error, please contact the sender immediately, delete the 
>> communication from
>> your system and do not disclose its contents to any third party or 
>> use its
>> contents.  Any opinions expressed are solely those of the author and 
>> do not
>> necessarily represent those of Phirelight Security Solutions Inc. 
>> unless
>> otherwise specifically stated.
>>
>>
>> _______________________________________________
>> Bro mailing list
>> bro at bro-ids.org
>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro

--
Seth Hall * Corelight, Inc * www.corelight.com

More information about the Bro mailing list