Hi,
I recently used Bro IDS - default policy (getting traffic from a TAP on the network) and I want to analyze files.
1- Extract all executable files from all traffic (HTTP, SMB and other protocols).
2- MD5 of all files that passed in the traffic.
How can I do it?
Thanks,
CM.
Try turning on the file extraction framework. Look at the code and see if that fits your needs.
Cheers,
JB
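
One way to do what the reply suggests, as an added example that is not part of the original thread or the project's own code: a local script that attaches the MD5 analyzer to every file and the extraction analyzer to executables. It assumes Bro 2.4 or later (for the `file_sniff` event); the module name `ExtractExe`, the MIME type list and the output file naming are assumptions made for illustration.

```zeek
# Added example (not from the thread). Assumes Bro 2.4+ / Zeek.
@load base/frameworks/files
@load base/files/extract
@load base/files/hash

module ExtractExe;

export {
	# MIME types treated as executables (assumed list; redef to extend).
	const exe_mime_types: set[string] = {
		"application/x-dosexec",     # Windows PE
		"application/x-executable",  # ELF
	} &redef;
}

# Runs once for every file the files framework sees, whichever
# protocol analyzer handed it over. The digest is written to the
# md5 column of files.log.
event file_new(f: fa_file)
	{
	Files::add_analyzer(f, Files::ANALYZER_MD5);
	}

# Runs once the MIME type has been sniffed from the first bytes of the file.
event file_sniff(f: fa_file, meta: fa_metadata)
	{
	if ( ! meta?$mime_type || meta$mime_type !in exe_mime_types )
		return;

	# f$source is the delivering protocol (e.g. "HTTP"); f$id is the
	# file UID that also appears in files.log, so the extracted file
	# can be matched to its log entry and MD5.
	local fname = fmt("%s-%s.bin", f$source, f$id);
	Files::add_analyzer(f, Files::ANALYZER_EXTRACT, [$extract_filename=fname]);
	}
```

Extracted files are written under `FileExtract::prefix` (by default `./extract_files/`), and only protocols whose analyzers feed the files framework in the installed version are covered.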