head	1.4;
access;
symbols
	RELEASE_8_3_0:1.4
	RELEASE_9_0_0:1.4
	RELEASE_7_4_0:1.3
	RELEASE_8_2_0:1.3
	RELEASE_6_EOL:1.3
	RELEASE_8_1_0:1.3
	RELEASE_7_3_0:1.3
	RELEASE_8_0_0:1.3
	RELEASE_7_2_0:1.3
	RELEASE_7_1_0:1.3
	RELEASE_6_4_0:1.3
	RELEASE_5_EOL:1.3
	RELEASE_7_0_0:1.3
	RELEASE_6_3_0:1.3
	PRE_XORG_7:1.2
	RELEASE_4_EOL:1.2
	RELEASE_6_2_0:1.2
	RELEASE_6_1_0:1.2
	RELEASE_5_5_0:1.2
	RELEASE_6_0_0:1.2
	RELEASE_5_4_0:1.2
	RELEASE_4_11_0:1.2
	RELEASE_5_3_0:1.2
	RELEASE_4_10_0:1.2
	RELEASE_5_2_1:1.2
	RELEASE_5_2_0:1.2
	RELEASE_4_9_0:1.2
	RELEASE_5_1_0:1.2
	RELEASE_4_8_0:1.2
	RELEASE_5_0_0:1.2
	RELEASE_4_7_0:1.2
	RELEASE_4_6_2:1.2
	RELEASE_4_6_1:1.2
	RELEASE_4_6_0:1.2
	RELEASE_5_0_DP1:1.2
	RELEASE_4_5_0:1.2
	RELEASE_4_4_0:1.2
	RELEASE_4_3_0:1.1.1.1
	RELEASE_4_2_0:1.1.1.1
	RELEASE_4_1_1:1.1.1.1
	RELEASE_4_1_0:1.1.1.1
	RELEASE_3_5_0:1.1.1.1
	RELEASE_4_0_0:1.1.1.1
	RELEASE_3_4_0:1.1.1.1
	RELEASE_3_3_0:1.1.1.1
	RELEASE_3_2_0:1.1.1.1
	RELEASE_3_1_0:1.1.1.1
	bro_0_4_a:1.1.1.1
	bro_0_5_a:1.1.1.1
	RELEASE_2_2_8:1.1.1.1
	RELEASE_3_0_0:1.1.1.1
	RELEASE_2_2_7:1.1.1.1
	RELEASE_2_2_6:1.1.1.1
	bro_0_3_a:1.1.1.1
	OBRIEN:1.1.1;
locks; strict;
comment	@# @;


1.4
date	2011.10.24.09.10.45;	author dougb;	state Exp;
branches;
next	1.3;

1.3
date	2007.09.10.13.28.11;	author edwin;	state Exp;
branches;
next	1.2;

1.2
date	2001.06.24.20.29.37;	author dd;	state Exp;
branches;
next	1.1;

1.1
date	98.03.02.10.35.04;	author obrien;	state Exp;
branches
	1.1.1.1;
next	;

1.1.1.1
date	98.03.02.10.35.04;	author obrien;	state Exp;
branches;
next	;


desc
@@


1.4
log
@The vast majority of pkg-descr files had the following format when they
had both lines:

Author: ...
WWW: ....

So standardize on that, and move them to the end of the file when necessary.

Also fix some more whitespace, and remove more "signature tags" of varying
forms, like -- name, etc.

s/AUTHOR/Author/

A few other various formatting issues
@
text
@Bro is an open-source, Unix-based Network Intrusion Detection System (NIDS)
that passively monitors network traffic and looks for suspicious activity.
Bro detects intrusions by first parsing network traffic to extract is
application-level semantics and then executing event-oriented analyzers that
compare the activity with patterns deemed troublesome. Its analysis includes
detection of specific attacks (including those defined by signatures, but
also those defined in terms of events) and unusual activities (e.g., certain
hosts connecting to certain services, or patterns of failed connection
attempts).

Bro is documented in the USENIX 1998 Security Conference proceedings.

WWW: http://bro-ids.org/
@


1.3
log
@security/bro, port upgrade to version 1.2.1, take over maintainership

	This is an upgrade of the security/bro port to the current
	stable version.  The port is very complex, so it needs to
	be tested carefully to make sure that I'm not screwing
	anything up or using wrong conventions. Also, I'm willing
	to take over maintainership of the port if it's accepted
	into the tree.

	Please note, there are several files that need to be removed
	from the port and quite a few that need to be added. All
	these files are in FILESDIR.  I have provided blank patches
	for the files that need to be removed, so the patches will
	create blank files.

Added IS_INTERACTIVE to the port
Left original freebsd header comments in it.
Next time please use one big patch-file instead of lots of little ones :-)

PR:		ports/114999
Submitted by:	Paul Schmehl <pauls@@utdallas.edu>
@
text
@a12 3
-- Paul
   pauls@@utdallas.edu

@


1.2
log
@Remove duplicate words where appropriate.

Approved by:	sobomax, obrien
@
text
@d1 9
a9 2
Bro is a system for detecting Network Intruders in real-time by the guys
that brought you tcpdump, libpcap, and flex.
d11 1
a11 8
Bro is a stand-alone system for detecting network intruders in real-time
by passively monitoring a network link over which the intruder's traffic
transits.  Bro is divided into an "event engine" that reduces a
kernel-filtered network traffic stream into a series of higher-level
events, and a "policy script interpreter" that interprets event handlers
written in a specialized language used to express a site's security policy.
Event handlers can update state information, synthesize new events, record
information to disk, and generate real-time notifications via `syslog'.
d13 2
a14 1
Bro is documented in the USENIX 1998 Security Conference proceedings.
d16 1
a16 2
-- David
   obrien@@cs.ucdavis.edu
@


1.1
log
@Initial revision
@
text
@d13 1
a13 1
Bro is documented in the the USENIX 1998 Security Conference proceedings.
@


1.1.1.1
log
@Bro is a system for detecting Network Intruders in real-time by the guys
that brought you tcpdump, libpcap, and flex.

Bro is documented in the the USENIX 1998 Security Conference proceedings.
@
text
@@
