False positive

Angelita_de_Cassia_C · July 21, 2005, 11:48pm

Hi, I saw at documentation about snort2bro, it converts Snort's signature
into Bro signatures, I think using this I will analyse the alerts like I
need.

How can I obtain the snort2bro script to do this convertation? or Does the
bro have another way to analyse de signatures?

Thanks
Angelita

Christian_Kreibich3 · July 22, 2005, 12:32am

Hi,

Angelita_de_Cassia_C · July 22, 2005, 1:20pm

Do I need to configure all configuration files like s2b.cfg, s2b-augment.cfg
? Or Do I have to execute this script with another parameters to convert de
signatures?

Christian_Kreibich3 · July 22, 2005, 7:16pm

See scripts/s2b/README, be creative, or better yet, read the code.

Cheers,
Christian.

Topic		Replies	Views
Snort 2 Bro Utility Zeek	2	70	May 6, 2022
Snort to Bro Zeek	4	107	May 6, 2022
create team for update snort2bro script signature ? Zeek	5	76	May 6, 2022
is snort2bro missing from 0.9-current Zeek	1	68	May 6, 2022
is snort2bro missing from 0.9-current Zeek	1	82	May 6, 2022

False positive

Related Topics