freebsd-ports/security/bro/pkg-descr

Bro is an open-source, Unix-based Network Intrusion Detection System (NIDS)
that passively monitors network traffic and looks for suspicious activity.
Bro detects intrusions by first parsing network traffic to extract is
application-level semantics and then executing event-oriented analyzers that
compare the activity with patterns deemed troublesome. Its analysis includes
detection of specific attacks (including those defined by signatures, but
also those defined in terms of events) and unusual activities (e.g., certain
hosts connecting to certain services, or patterns of failed connection
attempts).

Bro is documented in the USENIX 1998 Security Conference proceedings.

-- Paul
   pauls@utdallas.edu

WWW: http://bro-ids.org/
security/bro, port upgrade to version 1.2.1, take over maintainership This is an upgrade of the security/bro port to the current stable version. The port is very complex, so it needs to be tested carefully to make sure that I'm not screwing anything up or using wrong conventions. Also, I'm willing to take over maintainership of the port if it's accepted into the tree. Please note, there are several files that need to be removed from the port and quite a few that need to be added. All these files are in FILESDIR. I have provided blank patches for the files that need to be removed, so the patches will create blank files. Added IS_INTERACTIVE to the port Left original freebsd header comments in it. Next time please use one big patch-file instead of lots of little ones :-) PR: ports/114999 Submitted by: Paul Schmehl <pauls@utdallas.edu> 2007-09-10 15:28:12 +02:00			`Bro is an open-source, Unix-based Network Intrusion Detection System (NIDS)`
			`that passively monitors network traffic and looks for suspicious activity.`
			`Bro detects intrusions by first parsing network traffic to extract is`
			`application-level semantics and then executing event-oriented analyzers that`
			`compare the activity with patterns deemed troublesome. Its analysis includes`
			`detection of specific attacks (including those defined by signatures, but`
			`also those defined in terms of events) and unusual activities (e.g., certain`
			`hosts connecting to certain services, or patterns of failed connection`
			`attempts).`
Bro is a system for detecting Network Intruders in real-time by the guys that brought you tcpdump, libpcap, and flex. Bro is documented in the the USENIX 1998 Security Conference proceedings. 1998-03-02 11:35:04 +01:00
Remove duplicate words where appropriate. Approved by: sobomax, obrien 2001-06-24 22:29:39 +02:00			`Bro is documented in the USENIX 1998 Security Conference proceedings.`
Bro is a system for detecting Network Intruders in real-time by the guys that brought you tcpdump, libpcap, and flex. Bro is documented in the the USENIX 1998 Security Conference proceedings. 1998-03-02 11:35:04 +01:00
security/bro, port upgrade to version 1.2.1, take over maintainership This is an upgrade of the security/bro port to the current stable version. The port is very complex, so it needs to be tested carefully to make sure that I'm not screwing anything up or using wrong conventions. Also, I'm willing to take over maintainership of the port if it's accepted into the tree. Please note, there are several files that need to be removed from the port and quite a few that need to be added. All these files are in FILESDIR. I have provided blank patches for the files that need to be removed, so the patches will create blank files. Added IS_INTERACTIVE to the port Left original freebsd header comments in it. Next time please use one big patch-file instead of lots of little ones :-) PR: ports/114999 Submitted by: Paul Schmehl <pauls@utdallas.edu> 2007-09-10 15:28:12 +02:00			`-- Paul`
			`pauls@utdallas.edu`

			`WWW: http://bro-ids.org/`