[Bro-Commits] [git/bro] topic/seth/libinjection: Integration with libinjection (https://github.com/client9/libinjection) (9ee6dff)

Matthias_Vallentin1 · July 3, 2013, 8:53pm

     - This is only for show. I did a tiny bit of testing with real
       network traffic and there were way too many false positives for
       this to be really useful. I'm not going to be filing a merge
       request for this.

Very useful to know! I was about to offer a student to investigate the
efficacy of libinjection, but given the high FPs, I am less excited
about it. Do you think it's possible to improve on the FP rate or is
the "model" hardcoded in the library?

Matthias

Seth_Hall3 · July 3, 2013, 9:25pm

I don't know, the false hits make me believe it's a failing in their model, but I don't really understand how it works so I can't say that authoritatively.

.Seth

Topic		Replies	Views
[Bro-Commits] [git/bro] topic/robin/v6-addr-merge: Fix IPAddr/IPPrefix serialization bugs. (all unit tests pass) (06e59e1) Development development	1	87	May 6, 2022
[Bro-Commits] [git/bro] topic/script-reference: Almost done with event.bif. (0523a18) Development development	2	69	May 6, 2022
[Bro-Commits] [git/bro] topic/robin/log-threads: Finetuning communication CPU usage. (51009b7) Development development	2	82	May 6, 2022
[Bro-Commits] [git/bro] topic/johanna/input-threads: It works. Even including all unit tests. (88233ef) Development development	2	76	May 6, 2022
[Bro-Commits] [git/bro] master: Merge remote-tracking branch 'origin/topic/dnthayer/ticket1215' (25b8efe) Development development	2	77	May 6, 2022

[Bro-Commits] [git/bro] topic/seth/libinjection: Integration with libinjection (https://github.com/client9/libinjection) (9ee6dff)

Related topics