Hi All,
I am new to Bro and want to extract all files on my network. (smb, http, and whatever all protocols)
I probably need to set up proper server spec and bro cluster to extract all files.
However I don’t know what the spec I need.
On my network traffic is below.
-
maximum throughput is around 55m bits per second.
-
maximum packets are around 6k packets per second.
Please give me some advice to build bro.
And I have one more question.
Some extracted files’ hash isn’t same to origin file’ hash when I tested bro on virtual machine before setting up bro on real network.
Is it because of the server spec? (lost some packets?)
Thanks!