[Zeek] Detection of all attacks in pcap file
bpboci24 at gmail.com
Mon Oct 21 11:09:48 PDT 2019
I am beginner in Zeek. Currently, I have a task to perform analysis of .
pcap files and detect all possible attacks per time instances. In the other
words I have to test Zeek as an IDS tool and find with which percentage is
Zeek able to classify traffic correctly (True/False positive, True/False
negative indication). Is there possibility to do so? For example, I tried
to run integrated Brute-Forcing.zeek script against my .pcap file but in
the notice.log there is just note that there was an attack which is not
what I am looking. Do I have to search for labeled network in some other
Thanks in advance
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Zeek