Skip to content

lindhe/midbro

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

95 Commits

etc

etc

 
 

includes

includes

 
 

script

script

 
 

src

src

 
 

test

test

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

Repository files navigation

Midbro – Packet Capturing for Intrusion Detection Systems

Created by Robert Gustafsson, Robin Krahl and Andreas Lindhé in DAT300 2017 at Chalmers University of Technology. Copyright belongs to the authors.

All code is published under the MIT license: https://opensource.org/licenses/MIT

Dependencies

These dependencies are packaged in the Debian repositories, but are also available on other platforms.

  • Bro (bro)
  • Broccoli (libbroccoli-dev)
  • Tcpreplay (tcpreplay)

Workflow

  1. Compile and export library path
  2. Start Bro
  3. Start the consumer (midbro_test)
  4. Send network traffic

Example usage:

The commands below assume you are in the root directory of this repository.

0. Compile & export path

make export LD_LIBRARY_PATH=$(pwd)/lib

Example: make midbro_test

1. Start Bro

sudo bro -b -C -i lo script/mid.bro Log::default_writer=Log::WRITER_NONE

2. Start the consumer (midbro_test)

./bin/midbro_test

3. Send network traffic

sudo tcpreplay -i lo -M 100.0 livedata.cap

About

DAT300 Group 3 Code

Topics

security ids network-monitoring network-analysis network-capture

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

5 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages