[Bro-Commits] [git/bro] topic/seth/libinjection: Integration with libinjection (https://github.com/client9/libinjection) (9ee6dff)

Matthias_Vallentin1 · July 3, 2013, 8:53pm

     - This is only for show. I did a tiny bit of testing with real
       network traffic and there were way too many false positives for
       this to be really useful. I'm not going to be filing a merge
       request for this.

Very useful to know! I was about to offer a student to investigate the
efficacy of libinjection, but given the high FPs, I am less excited
about it. Do you think it's possible to improve on the FP rate or is
the "model" hardcoded in the library?

Matthias

Seth_Hall3 · July 3, 2013, 9:25pm

I don't know, the false hits make me believe it's a failing in their model, but I don't really understand how it works so I can't say that authoritatively.

.Seth

Topic		Replies	Views
[Bro-Commits] [git/bro] topic/robin/v6-addr-merge: Fix IPAddr/IPPrefix serialization bugs. (all unit tests pass) (06e59e1) Development development	1	71	May 6, 2022
[Bro-Commits] [git/bro] topic/script-reference: Almost done with event.bif. (0523a18) Development development	2	49	May 6, 2022
[Bro-Commits] [git/bro] topic/robin/log-threads: Finetuning communication CPU usage. (51009b7) Development development	2	63	May 6, 2022
[Bro-Commits] [git/bro] topic/johanna/input-threads: It works. Even including all unit tests. (88233ef) Development development	2	58	May 6, 2022
[Bro-Commits] [git/bro] fastpath: Fixed major bug with cluster synchronization (it was broken!) (0b8b14a) Development development	1	51	May 6, 2022

[Bro-Commits] [git/bro] topic/seth/libinjection: Integration with libinjection (https://github.com/client9/libinjection) (9ee6dff)

Related Topics