mirror of
https://git.FreeBSD.org/ports.git
synced 2025-01-03 06:04:53 +00:00
2e9dc31504
This is being done as svn copy instead of rename so that users of security/bro can have some time to migrate. It also allows for possible security updates to the old bro port which upstream has indicated is possible for at least a few months.

Reviewed by: ler (mentor)
Approved by: ler (mentor)
Differential Revision: https://reviews.freebsd.org/D22376
16 lines
744 B
Plaintext
Zeek (formerly known as Bro) is an open-source, Unix-based Network
Intrusion Detection System (NIDS) that passively monitors network
traffic and looks for suspicious activity. Zeek detects intrusions
by first parsing network traffic to extract its application-level
semantics and then executing event-oriented analyzers that compare
the activity with patterns deemed troublesome. Its analysis includes
detection of specific attacks (including those defined by signatures,
but also those defined in terms of events) and unusual activities
(e.g., certain hosts connecting to certain services, or patterns
of failed connection attempts).

Zeek is documented in the USENIX 1998 Security Conference proceedings
(as Bro).

WWW: https://www.zeek.org/