CoAP

erik_clark · July 16, 2018, 3:30pm

Does anyone know if there is a Bro plugin for CoAP traffic detection and identification? We have the MQTT plugin for IoT bits, but we would like to support CoAP as well. Thanks!

johanna · August 13, 2018, 1:07am

Just to chime in - I have not heard of anyone creating a CoAP analyzer for
Bro.

Johanna

erik_clark · August 13, 2018, 9:42am

Seth (may) be looking at making the analyzer. You can find a packet generator here: https://github.com/mcollina/coap-packet. With the increase in number of IoT things on the network, or things acting like IoT devices (phones,
soap dispensers, Fatema has examples on her network), having visibility into this is pretty important.

Seth_Hall2 · August 23, 2018, 2:56pm

I’d put extra emphasis on the may. I haven’t had time to dig into it yet, but thanks for the pointers to the packet generator and the protocol on the whole.

.Seth

Topic		Replies	Views
Bro and ICMP Zeek	2	81	May 6, 2022
VPN Traffic Detection Zeek	2	82	May 6, 2022
packet post-processor plugin Zeek	9	78	May 6, 2022
Hi + LL Analyzer Development development	7	139	May 6, 2022
OpenFlow Analyzer Development development	5	122	May 6, 2022

CoAP

Related Topics