1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-10-29 21:39:24 +00:00
freebsd-ports/security/bro/pkg-descr
David E. O'Brien 260fc6e9e1 Bro is a system for detecting Network Intruders in real-time by the guys
that brought you tcpdump, libpcap, and flex.

Bro is documented in the the USENIX 1998 Security Conference proceedings.
1998-03-02 10:35:04 +00:00

17 lines
804 B
Plaintext

Bro is a system for detecting Network Intruders in real-time by the guys
that brought you tcpdump, libpcap, and flex.
Bro is a stand-alone system for detecting network intruders in real-time
by passively monitoring a network link over which the intruder's traffic
transits. Bro is divided into an "event engine" that reduces a
kernel-filtered network traffic stream into a series of higher-level
events, and a "policy script interpreter" that interprets event handlers
written in a specialized language used to express a site's security policy.
Event handlers can update state information, synthesize new events, record
information to disk, and generate real-time notifications via `syslog'.
Bro is documented in the the USENIX 1998 Security Conference proceedings.
-- David
obrien@cs.ucdavis.edu