author: David E. O'Brien <obrien@FreeBSD.org> 1998-03-02 10:35:04 +0000
committer: David E. O'Brien <obrien@FreeBSD.org> 1998-03-02 10:35:04 +0000
commit: 260fc6e9e1b45a6a2916b4c8dca4eed8a61888f9 (patch)
tree: c77e8bd1cdd443ff70fba4a95f0689652c25c350 /security/bro/pkg-descr
parent: Upgrade to 0.14.0 (diff)
Bro is a system for detecting Network Intruders in real-time by the guys
that brought you tcpdump, libpcap, and flex. Bro is documented in the USENIX 1998 Security Conference proceedings.
Diffstat (limited to 'security/bro/pkg-descr')
-rw-r--r-- security/bro/pkg-descr 16
1 files changed, 16 insertions, 0 deletions
diff --git a/security/bro/pkg-descr b/security/bro/pkg-descr
new file mode 100644
index 000000000000..184d8017aa39
--- /dev/null
+++ b/security/bro/pkg-descr
@@ -0,0 +1,16 @@
+Bro is a system for detecting Network Intruders in real-time by the guys
+that brought you tcpdump, libpcap, and flex.
+
+Bro is a stand-alone system for detecting network intruders in real-time
+by passively monitoring a network link over which the intruder's traffic
+transits. Bro is divided into an "event engine" that reduces a
+kernel-filtered network traffic stream into a series of higher-level
+events, and a "policy script interpreter" that interprets event handlers
+written in a specialized language used to express a site's security policy.
+Event handlers can update state information, synthesize new events, record
+information to disk, and generate real-time notifications via `syslog'.
+
+Bro is documented in the the USENIX 1998 Security Conference proceedings.
+
+-- David
+ obrien@cs.ucdavis.edu
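
Review bot: the added line "+Bro is documented in the the USENIX 1998 Security Conference proceedings." has a doubled "the" and gives neither a title nor a location for the paper, so someone reading the package description cannot find it; fix the typo and name the paper or add a pointer to it. The two opening lines ("Bro is a system for detecting Network Intruders in real-time ...") say nearly the same thing as the first sentence of the second paragraph ("Bro is a stand-alone system for detecting network intruders in real-time"), so one of the two can be dropped. The signature gives obrien@cs.ucdavis.edu while the commit is authored as obrien@FreeBSD.org; use whichever address should receive questions about the port.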