We are a senior project group from the University of Colorado at Boulder.
We are beginning research into intrusion detection and are considering
using Bro. After browsing the source code, we have questions:
- Is there an archive for this mailing list?
- Is there more documentation or any FAQs specifically for Bro?
- Is a signature data file utilized? If so, what module(s) access it?
- Are there some example log files available?
We are currently waiting for the hardware to install Bro, but are trying
to determine the formats of the signature file and log files for design
purposes.
Any assistance would be greatly appreciated.
Thanks,
Dave, Kelly, Jason, Mike, Paul