Bro stuff Justin Azoff Aug 4, 2015 try.bro.org on github Figure : - PowerPoint PPT Presentation

Jan 02, 2023 •130 likes •286 views

Bro stuff Justin Azoff Aug 4, 2015 try.bro.org on github Figure : try.bro on github Bro Dockerfiles on github Figure : try.bro on github try.bro.org CORS CORS is enabled on API endpoints. http:

Bro stuff Justin Azoff Aug 4, 2015
try.bro.org on github Figure : try.bro on github
Bro Dockerfiles on github Figure : try.bro on github
try.bro.org CORS ◮ CORS is enabled on API endpoints. ◮ http: //www.ncsa.illinois.edu/People/jazoff/bro.html
BHR New implemenation of a BlackHole Router with bro integration. ◮ https://github.com/JustinAzoff/bhr-site ◮ https://github.com/JustinAzoff/bhr-bro Use: @load ./bhr-bro redef BHR::block_types += { Scan::Port_Scan, Scan::Address_Scan, };
Fuzz ◮ Let’s fuzz bro!
Fuzz ◮ Let’s fuzz bro! ◮ Basic approach yields 1.8 executions/second - too slow ◮ Tabled for a while.
Fuzz take 2 New features to the rescue: afl-fuzz persistent mode http://lcamtuf.blogspot.com/2015/06/new-in-afl-persistent- mode.html Hack up bro and try again: src/Net.cc | 12 +++++++----- src/main.cc | 25 ++++++++++++++++++++++--- 2 files changed, 29 insertions(+), 8 deletions(-)
Fuzz take 2 New features to the rescue: afl-fuzz persistent mode http://lcamtuf.blogspot.com/2015/06/new-in-afl-persistent- mode.html Hack up bro and try again: src/Net.cc | 12 +++++++----- src/main.cc | 25 ++++++++++++++++++++++--- 2 files changed, 29 insertions(+), 8 deletions(-) Result: 1000+ executions/second.
Fuzz take 2 New features to the rescue: afl-fuzz persistent mode http://lcamtuf.blogspot.com/2015/06/new-in-afl-persistent- mode.html Hack up bro and try again: src/Net.cc | 12 +++++++----- src/main.cc | 25 ++++++++++++++++++++++--- 2 files changed, 29 insertions(+), 8 deletions(-) Result: 1000+ executions/second. But no crashes :(
TODO: Fuzz take 3 Need to build a test bro binary that bypasses libpcap and basic tcp reassembly to feed data directly into analyzers.
Fuzz Detour Maybe I should try something simpler like bro-cut.
Fuzz Detour Maybe I should try something simpler like bro-cut. Figure : bro-cut fuzz crashes
bro-cut bugs Failed conversion of out of range or invalid timestamps #fields ts #types time 77777777777777777 File header contains a missing or null separator #separator #fields a hi #separator \x00 #fields a hi
bro-cut bugs -=2 Figure : bro-cut fuzz success

Recommend

Ultrafast spectroscopy Detector Stuff Generally you have some stuff and you want to

Ultrafast spectroscopy Detector Stuff Generally you have some stuff and you want to know something about the dynamics of the stuff Kick the stuff with an excitation or pump pulse which triggers some dynamical process

817 views • 33 slides

CRITICAL INFORMATICS Our stuff keeps your stuff from becoming their stuff CRITICAL INFORMATICS

CRITICAL INFORMATICS www.criticalinformatics.com January 31, 2018 CRITICAL INFORMATICS Our stuff keeps your stuff from becoming their stuff CRITICAL INFORMATICS www.criticalinformatics.com Page 2 UW UW T Tec ech h Co Conn nnec ect

585 views • 21 slides

Biohacking: Some/mes Spooky Stuff and Some/mes Wonderful Stuff

Frazier (nulltone) presents Biohacking: Some/mes Spooky Stuff and Some/mes Wonderful Stuff Biohacking is the prac/ce of engaging biology with the

722 views • 55 slides

Stuff Ive Seen: Retrospective and Prospective Susan Dumais SIGIR Desktop

Stuff Ive Seen: Retrospective and Prospective Susan Dumais SIGIR Desktop Search Workshop Overview What is Stuff Ive Seen (SIS)? SIS @ SIGIR 2003 Key findings What has changed? What is next? Stuff

388 views • 20 slides

Music: April Showers By ProleteR Brought to you by: Stuff You Knead! Stuff You Knead!

Music: April Showers By ProleteR Brought to you by: Stuff You Knead! Stuff You Knead! Email: stuffyoukneadnyc@gmail.com Instagram:@stuff_you_knead FaceBook: @StuffYouKnead A short history... A short history... The practice of bread

521 views • 21 slides

College Student Success How Universities Can Impact Outcomes Some stuff you know and other stuff

College Student Success How Universities Can Impact Outcomes Some stuff you know and other stuff that is new Alison L. Barton, PhD East Tennessee State University barton@etsu.edu What Is College Student Success? What Is College Student

554 views • 38 slides

SELL MORE PRODUCTS ONLINE STEP FIVE SELL THEM STUFF PART 1 jane hamill 1 STEP 5: SELL STUFF

SELL MORE PRODUCTS ONLINE STEP FIVE SELL THEM STUFF PART 1 jane hamill 1 STEP 5: SELL STUFF What well cover in Step Five Whats working NOW Your marketing triggers as a way to sell more Increase conversions When

419 views • 20 slides

Stuff New HW on the web later today No lab today Tests graded by Thurs Last Time

Stuff New HW on the web later today No lab today Tests graded by Thurs Last Time CAN Bus Intro Low-level stuff Frame types Arbitration Filtering Higher-level protocols Today Embedded wireless networking

600 views • 29 slides

Parser Combinators in Smalltalk 1 Tims Trick Whats so cool about functional

Parser Combinators in Smalltalk 1 Tims Trick Whats so cool about functional programming? referential transparency if x = foo stuff , then x + x = foo stuff + foo stuff = is mathematical equality, and you can replace equal

547 views • 18 slides

GO10-4: Bulky Stuff Class Presentation Welcome to GO10, Class 4 Big and Bulky, Chunky and

GO10-4: Bulky Stuff Class Presentation Welcome to GO10, Class 4 Big and Bulky, Chunky and Fluffy Stuff. This is what our Organized Only Space looked like after Go10-3 Things youll need this week: Sorting Guides we talked about these

63 views • 3 slides

WHO CAN'T TAKE PICTURES GOOD AND WANNA LEARN TO DO OTHER STUFF GOOD TOO Stay a while and

Benjamin Cecchetto BEN CECCHETTO TALK FOR PEOPLE WHO CAN'T TAKE PICTURES GOOD AND WANNA LEARN TO DO OTHER STUFF GOOD TOO Stay a while and Overview listen... Equipment Do Other Stuff Good Too Take Pictures Good Photo shoots

611 views • 25 slides

Straight Talk on Bitcoin and Blockchain Cutting through the BS to get to the tech and stuff you

Straight Talk on Bitcoin and Blockchain Cutting through the BS to get to the tech and stuff you need to know. Jarret Dyrbye - UofA BSc. Computer Engineering 2005 - Doing Bitcoin-related stuff - UofA MSc. Electrical and Computer

665 views • 40 slides

Safety Fun!! Use Stuff Let s See How Much We Know THE HUDSON TMA ! A B C Quick Check What

Safety Fun!! Use Stuff Let s See How Much We Know THE HUDSON TMA ! A B C Quick Check What Does A stand for? a. Accidents b. Ariana Grande c. Air d. Aerodynamic c. AIR What should you do if your bike starts making strange

483 views • 22 slides

Getting Down to Business Grants and Reporting Semi Annual Visits Strut Your Stuff tour 1

12/6/2018 Getting Down to Business Grants and Reporting Semi Annual Visits Strut Your Stuff tour 1 12/6/2018 Strut Your Stuff March 2019 September 2019 April 2020 Replaces BBC Program reporting (FUN) Two-hour

424 views • 6 slides

Why even worry about this stuff? 1 2/14/2019 Everyday could be the day Disasters are never

2/14/2019 Why even worry about this stuff? 1 2/14/2019 Everyday could be the day Disasters are never scheduled One big event doesnt mean the entire system stops Its about who you knowand what you do to serve the healthcare needs of

722 views • 14 slides

The (gimmicky) Road Map Gradual Sub-Lattice Reduction The Old Stuff Lattice Reduction

The Old Stuff The New Concepts The Bottom Line Gradual Sub-Lattice Reduction (now with more applications!) Andy Novocin andy@novocin.com LIRMM, Montpellier June 22nd The Old Stuff The New Concepts The Bottom Line The (gimmicky) Road

1.46k views • 99 slides

Bringing It All Together (or, am I really gonna have to know all this stuff?) Geoffrey C. Wall,

Bringing It All Together (or, am I really gonna have to know all this stuff?) Geoffrey C. Wall, Pharm.D., FCCP, BCPS, CGP Professor of Clinical Sciences Drake University Internal Medicine Clinical Pharmacist Iowa Methodist Medical Center A

406 views • 28 slides

Accuracy & confidence Most of course so far: estimating stuff from data Today: how much

Accuracy & confidence Most of course so far: estimating stuff from data Today: how much do we trust our estimates? Last week: one answer to this question prove ahead of time that training set estimate of prediction error will

342 views • 19 slides

Its Only Stuff The Theology of Possessions The Rev. Dr. Rick Young President & CEO,

Its Only Stuff The Theology of Possessions The Rev. Dr. Rick Young President & CEO, Texas Presbyterian Foundation https://www.youtube.com/watch?v=MvgN5gCuLac Why is this important? Why now? Because 1960 = 0 2018 = 52,000 and

385 views • 20 slides

Pirah Pirah Numbers & Stuff ISO 639-2 <myp> Spoken by Hi'aiti'ihi (

Pirah Pirah Numbers & Stuff ISO 639-2 <myp> Spoken by Hi'aiti'ihi ( the straight ones ) 2010: ~420 people 8 villages Maici River Hunter-gatherers http://www.unesco.org/languages-atlas/ Pirah Origin

209 views • 10 slides

Warning Dont over think this stuff. You can talk yourself into backwards answers.

Warning Dont over think this stuff. You can talk yourself into backwards answers. Focus on the fact that there are only a set number of trends to learn. Practice explaining each trend until you can do it in your

994 views • 35 slides

RIGHT STUFF EQUIPMENT PRODUCTS & SERVICES FOR THE THC/CBD MARKETS RSE AND THC AUTOMATION

RIGHT STUFF EQUIPMENT PRODUCTS & SERVICES FOR THE THC/CBD MARKETS RSE AND THC AUTOMATION DID A GREAT JOB ON OUR PACKAGING AUTOMATION PROJECT JOHN LORD- PRESIDENT OF LIVWELL MARKET STATUS The industry is growing at a rapid pace State

436 views • 15 slides

Some Basic Stuff on Empirical Work Master en Economa Industrial Matilde P. Machado Matilde

21/11/2011 Some Basic Stuff on Empirical Work Master en Economa Industrial Matilde P. Machado Matilde Machado 1 Some Basic Stuff on Empirical Work We usually talk about supply and demand as known continuous functions e.g. P S D Q

512 views • 9 slides

Last Few Things Final project deliverables (simple stuff) due

Last Few Things Final project deliverables (simple stuff) due by next Thursday (email or hard copy). Please fill out group/self evaluaCons. Get

414 views • 13 slides