LinuxLinks.com
Newbies What Next ? News Forums Calendar

Search





News Sections
Home
General News (3983/0)
Reviews (632/0)
Press Releases (465/0)
Distributions (193/0)
Software (897/0)
Hardware (528/0)
Security (192/0)
Tutorials (352/0)
Off Topic (181/0)


User Functions
Username:

Password:

Don't have an account yet? Sign up as a New User


Events
There are no upcoming events




Bro

Bro

Bro is a Network Intrusion Detection System (NIDS) that passively monitors network traffic and looks for suspicious activity.

Bro detects intrusions by first parsing network traffic to extract is application-level semantics and then executing event-oriented analyzers that compare the activity with patterns deemed troublesome.

Its analysis includes detection of specific attacks (including those defined by signatures, but also those defined in terms of events) and unusual activities (e.g., certain hosts connecting to certain services, or patterns of failed connection attempts).

 Bro

License
Bro License Agreement

Developer
Vern Paxson

Website
bro-ids.org

Requirements
libpcap
flex
bison or byacc

Support:
Manuals, FAQ
Mailing List

Selected Reviews:

Features include:

  • Network Based
    • Collects, filters, and analyzes traffic that passes through a specific network location
  • Custom Scripting Language
    • Policy scripts are programs written in the Bro language. They contain the "rules" that describe what sorts of activities are deemed troublesome. They analyze the network activity and initiate actions based on the analysis
  • Pre-written Policy Scripts
    • Comes with a rich set of policy scripts designed to detect the most common Internet attacks while limiting the number of false positives, i.e., alerts that confuse uninteresting activity with the important attack activity
    • The supplied policy scripts will run "out of the box" and do not require knowledge of the Bro language or policy script mechanics
  • Powerful Signature Matching Facility
    • Bro policies incorporate a signature matching facility that looks for specific traffic content.
    • Comes with a set of high value signatures policies, selected for their high detection and low false positive characteristics
  • Network Traffic Analysis
    • Can also analyze network protocols, connections, transactions, data amounts, and many other network characteristics
    • Powerful facilities for storing information about past activity and incorporating it into analyses of new activity
  • Detection Followed by Action
    • Bro policy scripts can generate output files recording the activity seen on the network (including normal, non-attack activity)
    • Generate problem alerts to event logs, including the operating system syslog facility
    • Scripts can execute programs, which can, in turn, send e-mail messages, page the on-call staff, automatically terminate existing connections, or, with appropriate additional software, insert access control blocks into a router's access control list
  • Snort Compatibility Support
    • Includes a tool, snort2bro, which converts Snort signatures into Bro signatures. 
    • snort2bro also incorporates a large number of enhancements to the standard set of Snort signatures to take advantage of Bro's additional contextual power and reduce false positives

Return to Security Home Page

Bookmark and Share


Last Updated Sunday, November 23 2014 @ 03:46 AM EST


We have written a range of guides highlighting excellent free books for popular programming languages. Check out the following guides: C, C++, C#, Java, JavaScript, CoffeeScript, HTML, Python, Ruby, Perl, Haskell, PHP, Lisp, R, Prolog, Scala, Scheme, Forth, SQL, Node.js (new), Fortran (new), Erlang (new), Pascal (new), and Ada (new).


Group Tests
All Group Tests

Top Free Software
5 Office Suites
7 Document Processors
6 Lean Desktops
6 Desktop Search
9 Project Management
9 Groupware Apps
14 File Managers
10 Databases
21 Backup Tools
21 DVD Tools
21 Window Managers
21 Productivity Tools
9 Terminal Emulators
21 Financial Tools
21 Text Editors
21 Video Emulators
21 Home Emulators
42 Graphics Apps
6 CAD Apps
42 Scientific Apps
10 Web Browsers
42 Email Apps
12 Instant Messaging
10 IRC Clients
7 Twitter Clients
12 News Aggregators
11 VoIP Apps
11 Remote Display Apps
42 Best Games
42 More Games
21 More Games
21 Notable Games (1)
21 Notable Games (2)
21 Notable Games (3)
8 ASCII Games
9 Educational Games
42 Audio Apps
42 Video Apps
6 Screencasting Apps
80 Security Apps
9 System Monitoring
6 Family History Apps
11 PDF Tools
6 Music Servers
6 Collection Managers
7 Calculator Apps
8 Geometry Apps
Free Console Apps
14 Multimedia
Programming
8 Compilers
9 IDEs
9 Debuggers
7 Revision Control Apps
6 Doc Generators
'Free' Proprietary
21 Closed-Source Apps
Top Commercial Apps
42 Games
Free Web Software
21 Web CMS
14 Wiki Engines
8 Blog Apps
6 eCommerce Apps
5 Human Resource Apps
10 ERP
10 CRM
6 Data Warehouse Apps
8 Business Intelligence
6 Point-of-Sale

All Group Tests

Other Articles
Migrating from Windows
Back up your data
Distribution Guide
Distro Portal Pages
20 Free Linux Books
Running Linux Under Windows


Older Stories
Wednesday 12/17
  • The new minuscule Linutop XS is announced! (0)

  • Tuesday 12/16
  • Getting Started With KODI(XBMC) (0)
  • PikeOS provides Safety and Security for Energy-Sensible Communication Platform from X-ES (0)

  • Monday 12/15
  • SMPlayer with support for MPV is now available (0)
  • USB Armory: Open Source USB Stick Computer (0)

  • Sunday 12/14
  • Magical Open Source Music Workstations (0)

  • Friday 12/12
  • Alpine 3.1.0 released (0)
  • Empire: Total War Launches on Linux (0)

  • Thursday 12/11
  • 6-Way Winter 2014 Linux Distribution Comparison (0)
  • Review: 6 business-class Chromebooks test their mettle (0)


  • Vote

    What Linux distribution do you run on your main computer?

    Debian
    Fedora
    Mint
    Slackware
    openSuSE
    Arch
    Ubuntu
    Redhat
    Mageia
    CentOS
    FreeBSD
    Results
    57 votes | 3 comments

    Built with GeekLog and phpBB
    Comments to the webmaster are welcome
    Copyright 2009 LinuxLinks.com - All rights reserved