[Zeek] Query regarding Bro Ids

Jim Mellander jmellander at lbl.gov
Fri Jul 12 13:17:25 PDT 2019


Hi Manoj:

The issue you described seems more on the networking side, rather than the
IDS side.  However, it seems likely that a much bigger issue that a
business like yours would face would be that of cybersecurity, in
particular, securing your servers from unauthorized intrusion and data
exfiltration.  In this, Zeek (the open-source IDS formerly known as Bro) can
play an important role in early detection of possible intrusions.

Hope this helps,

Jim

On Fri, Jul 12, 2019 at 1:33 AM Manoj Petshali <manoj.petshali at paytm.com>
wrote:

> Hi Team,
>
> Please respond as we need to implement the same at the earliest.
>
> Thanks
> Manoj Petshali
> Sr. Manager - Payments Engineering
> Mobile +91-9891066456
>
> www.paytm.com
>
>
>
> On Fri, Jul 12, 2019 at 10:21 AM Manoj Petshali <manoj.petshali at paytm.com>
> wrote:
>
>> Hi Team,
>>
>> I am very eager about the Bro and need to know below information :
>>
>> -We are working in India's biggest transactional system and facing many
>> issues e.g.
>>
>> : if some user request is coming from public or private network (Internal
>> request) and traverses across many servers and if user receives timeout (
>> e.g. connection time out, read time out, rst etc) then we need to know the
>> deep analysis of the same means :
>>
>> : Why/where the request timed out?
>> : Up to which hop the request travelled?
>> : Network latency between these hops to know if the latency is the issue?
>> : TCP handshake and SSL handshake latency and the reason for the same?
>> : Application latency?  means if the network latency is fine
>>
>> We searched on web and got feeling that the Bro is more oriented toward
>> security and do deep packet inspection. But we have many problems like above
>> to resolve. May you please let us know that how Bro can help us to resolve
>> above issues?
>>
>> Thanks
>> Manoj Petshali
>> Sr. Manager - Payments Engineering
>> Mobile +91-9891066456
>>
>> www.paytm.com
>>