Hello Everyone:
I set up Bro-2.1 and DataSeries to do trace analysis. I am not sure
whether Bro-2.1 can identify (using default configuration)application
layer protocols such as DEC_PRC, DNS, Finger, Gnutella, FTP, HTTP, Ident,
IRC, NetbiosSSN, NCP, NFS, NTP, POP3, Portmapper, PRC, RSH, Rlogin, SMB,
SSH, SSL, SMTP, Telnet as specified on Bro IDS' WIKI ? Or it can only
identify some of the listed protocols.
Could you please help me?
Thank you!