Packet Capturing for Intrusion Detection Systems (GitHub mirror) https://git.ireas.org/mirrors/midbro/atom?h=broccoli-events 2017-09-25T21:29:18Z 2017-09-25T21:29:18Z Robin Krahl guskraro@student.gu.se 2017-09-25T21:29:18Z urn:sha1:46f518825c4e934b950c1ce0c9936fd106798408 2017-09-25T20:58:16Z Robin Krahl guskraro@student.gu.se 2017-09-25T20:55:08Z urn:sha1:7c55cebd914ac059b9c91a897cb00011b689eb57 This implementation only logs the (combined) request and response events that occur within the same connection. This assumes that a response is always send over the same connection as a request. It is unclear whether this assumption really holds. This implementation does not yet contain error handling, so if there was no response for a request, Bro displays an error message. It also does not contain an interpretation of the values, so if multiple values are read within one request, they are displayed in the same log entry. 2017-09-25T20:45:12Z Robin Krahl guskraro@student.gu.se 2017-09-25T20:45:12Z urn:sha1:478b8df6262d405015bf2ea7ca28ef06d2df3e5e Add a (nearly) empty directory for the baseline implementation of the payload extraction as a Bro script executed directly within Bro.