[
https://bro-tracker.atlassian.net/browse/BIT-1143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15707#comment-15707
]
Jon Siwek commented on BIT-1143:
--------------------------------
I also forgot to mention another improvement of the signature approach over
libmagic is that a file is no longer limited to matching a single MIME type.
One can now programmatically get at the full list of signature matches along
with a value indicating the "strength" of the match.
> Investigate replacing libmagic w/ signatures for file identificaiton
> --------------------------------------------------------------------
>
> Key: BIT-1143
> URL: https://bro-tracker.atlassian.net/browse/BIT-1143
> Project: Bro Issue Tracker
> Issue Type: New Feature
> Components: Bro
> Affects Versions: git/master
> Reporter: Jon Siwek
> Assignee: Jon Siwek
> Fix For: 2.3
>
>
> I think it makes sense to try to make the switch from libmagic to using Bro's
> own signature engine for file identification before the next release. Don't
> want people getting used to magic file format for their own custom file
> identification rules.
--
This message was sent by Atlassian JIRA
(v6.2-OD-10-004-WN#6253)
_______________________________________________
bro-dev mailing list
[email protected]
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
