author: obrien <obrien@FreeBSD.org> 1998-03-02 10:35:04 +0000
committer: obrien <obrien@FreeBSD.org> 1998-03-02 10:35:04 +0000
commit: a0422977dff702ef75ba9766fff6685aa91597ad
tree: 17518c9d9cb619be7c6b6aa2ac86caec6bd443b0 /security/bro/pkg-descr
parent: d4e1c246c50ec4e999bd39e9ad62ed80d3151d95
Bro is a system for detecting Network Intruders in real-time by the guys
that brought you tcpdump, libpcap, and flex. Bro is documented in the USENIX 1998 Security Conference proceedings.
Diffstat (limited to 'security/bro/pkg-descr')
-rw-r--r-- security/bro/pkg-descr 16
1 files changed, 16 insertions, 0 deletions
diff --git a/security/bro/pkg-descr b/security/bro/pkg-descr
new file mode 100644
index 0000000..184d801
--- /dev/null
+++ b/security/bro/pkg-descr
@@ -0,0 +1,16 @@
+Bro is a system for detecting Network Intruders in real-time by the guys
+that brought you tcpdump, libpcap, and flex.
+
+Bro is a stand-alone system for detecting network intruders in real-time
+by passively monitoring a network link over which the intruder's traffic
+transits. Bro is divided into an "event engine" that reduces a
+kernel-filtered network traffic stream into a series of higher-level
+events, and a "policy script interpreter" that interprets event handlers
+written in a specialized language used to express a site's security policy.
+Event handlers can update state information, synthesize new events, record
+information to disk, and generate real-time notifications via `syslog'.
+
+Bro is documented in the the USENIX 1998 Security Conference proceedings.
+
+-- David
+ obrien@cs.ucdavis.edu
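Review bot: the line "+Bro is documented in the the USENIX 1998 Security Conference proceedings." has a doubled "the"; drop one. The first two paragraphs also open with nearly the same sentence ("Bro is a system for detecting Network Intruders in real-time" and "Bro is a stand-alone system for detecting network intruders in real-time"), so the first paragraph could be cut down to the authorship credit, with the capitalization of "Network Intruders" made consistent with the second paragraph. The description says notifications go out via `syslog' and that information is recorded to disk, but gives no pointer to where a reader can find the policy language documentation beyond the conference proceedings; naming the paper or a URL here would help.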