another bro version?

Hello all,

I was looking for material about Bro on the internet and ran across this
page http://www.nersc.gov/~scottc/software/bro/brostuff.html by Scott
Campbell. I'm wondering how it relates to what is available at
www.bro-ids.org. It references 0.8 being current, where bro-ids has 1.1,
so are the modifications her talks about now merged or dropped?

Thanks,
Steve

Smith, Stephen G., OIG DoD wrote:

Hello all,

I was looking for material about Bro on the internet and ran across this
page http://www.nersc.gov/~scottc/software/bro/brostuff.html by Scott
Campbell. I'm wondering how it relates to what is available at
www.bro-ids.org. It references 0.8 being current, where bro-ids has 1.1,
so are the modifications her talks about now merged or dropped?

Thanks,
Steve

--
Stephen G. Smith
DODIG NETSEC Division
stephen.smith@dodig.mil

This e-mail is from the Office of the Inspector General, Department of Defense, and may contain information that is "Law Enforcement Sensitive" {LES} or "For Official Use Only" {FOUO} or otherwise subject to the Privacy Act and/or legal and or other privileges that restrict release without appropriate legal authority.

_______________________________________________
Bro mailing list
bro@bro-ids.org
http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro

Sorry about the delay in getting back to you.

Most of the projects referenced on the page were either folded into the
main bro branch (such as landmine and low port trolling), or left in
there current state due to lack of interest or a better solution
presenting itself.

Most of the grid and GSI based detectors ended up being more effective
on the back end, while the demand for data entropy analysis never
materialized. There is a relatively current (1.1.57) version of the
entropy analyzer, but it is a separate tree and should in no way be
considered ready for production use.

If you have any other questions, feel free to contact me. There are
several other (more contemporary) projects that I am working on which
are linked off of http://www.nersc.gov/~scottc .

thanks!

scott