Thursday, July 14, 2016

@Bro_IDS: Your Bro News Feed

Since we created the Bro Twitter account @Bro_IDS in 2011, the channel has turned into one of the most effective ways for reaching out to the Bro community. Every Tweet now reaches more than 5000 followers and counting.

While @Bro_IDS serves us as a microphone for our own updates, we have also always been liberal with retweeting news from the broader Bro community, hoping to help create visibility for Bro’s diverse user population around the world. However, with the tremendous audience that @Bro_IDS is now reaching, there comes responsibility, too. To ensure that the @Bro_IDS team’s decisions remain fair and transparent, the Bro Leadership Team has recently devised a set of guidelines for the account that we would like to share.

Overall, we see @Bro_IDS as serving as a distributor of news related to Bro, covering activity from both the Bro Project itself as well as from the broader community. For the project’s own messages, we may tweet about recent developments, events that the team’s involved with, or external pointers that we deem interesting. As a general rule, if a Tweet originates from @Bro_IDS, it represents the voice of the project.

We use a different policy when retweeting from the community. Generally, we are happy to retweet Bro-related news from users and organizations; just make sure to include @Bro_IDS in your Tweet so that we will see it. This does explicitly include corporate announcements—we are happy to provide visibility for, e.g., products and services, or relevant job postings, as long as they involve a substantial Bro component. However, @Bro_IDS does not endorse external organizations or content. When we retweet, we do so from a neutral perspective, and without judgement.

Our rules for deciding what to retweet are pretty straight-forward: the Tweet must be directly related to Bro; it must not substantially overlap with anything we have already passed on recently; and it must not create the impression, directly or indirectly, that the Bro Project would endorse the content. As an exception, for non-commercial activity we may occasionally also forward news that’s not directly Bro-centric if it still appears relevant to a large part of the Bro community; examples would be the newest OpenSSL vulnerability, or an interesting research paper in the space. We usually do not retweet follow-up conversations unless there’s significant additional information that warrants an update on its own.

We believe that through this policy, @Bro_IDS can serve the Bro community as a valuable, fair source of news. To receive all the updates, make sure to follow @Bro_IDS. If you want to reach the Bro community for your announcement, include @Bro_IDS in your Tweet.

The Bro Team

Saturday, June 4, 2016

BroCon ’16 CFP deadline extended to June 10th

Bro Community,

We are extending the BroCon ’16 call for presentations deadline to Friday, June 10th. For more information about the CFP, see our blog post. And don't forget to register!

See you in September,

The Bro Project

Friday, May 27, 2016

Reminder: Upgrade your Bro installation! Stability updates in 2.4.1

Reminder: Upgrade your Bro installation! Stability updates in 2.4.1


Bro 2.5 is not far away, but in the meantime you should upgrade to Bro 2.4.1. This is the latest stable release. If you are running 2.4 the upgrade to 2.4.1 won't break your config. This release contains important fixes without changing Bro's functionality.
Not sure which one your version is? 'bro --version' will tell you.

Check the change log here.

Monday, May 23, 2016

Reminder: BroCon ’16 CFP ends Friday June 3rd

Interested in presenting at BroCon ’16 this year? Our call for presentations ends Friday, June 3rd.

We are looking for talks to represent the many applications of Bro. Suitable topics include, but are not limited to:
  • as a tool for solving problems;
  • interesting user stories, solutions, or research projects;
  • a postmortem analysis of a security incident, emphasizing Bro’s contribution;
  • the value Bro brings to your professional work;
  • and, using Bro for more than intrusion detection.
Criteria for evaluating proposals include whether the topic is applicable to multiple types of organizations, gives people ideas to take home and use, can be understood by a broad audience, or is novel to many in the audience. Scrolling through our YouTube Channel may provide some insight into the types of presentations we wish to feature. Plan on limiting your talk to 30-35 minutes with an additional 10 minutes for questions/comments.

Send abstracts (max 500 words) to: info@bro.org
Subject: BroCon 2016 Call for Presentations
Submission due date: Friday, June 3rd
Target date for announcing speakers: Friday July 1st

Proposals are selected by the Bro Leadership Team:
  • Seth Hall, International Computer Science Institute
  • Keith Lehigh, Indiana University
  • Vern Paxson, University of California at Berkeley / International Computer Science Institute
  • Michal Purzynski, Mozilla Foundation
  • Aashish Sharma, Lawrence Berkeley Lab
  • Adam Slagell, National Center for Supercomputing Applications
  • Robin Sommer, International Computer Science Institute

Tuesday, May 17, 2016

Talk to us! - The Bro team's communication channels

Talk to us! - The Bro team's communication channels

Bro is now more than 20 years old. The community has grown in size and diversity. In response we made some changes to the ways the Bro community can communicate with us.

Gitter


We are currently testing Gitter, a chat system designed for developers. Please join the Bro channel. You can browse to it at gitter.im/bro/bro, download the native apps, or connect via IRC. Currently, we have a Bro room and Broker room. We're looking forward to seeing you there! The test will go on for a couple more weeks. Please give feedback in Gitter or to info@bro.org about this.

IRC


Our IRC channel #bro on Freenode is the well established chat where many people of the community as well as some Bro developers will answer questions.

The Bro Mailing Lists


We also will continue to maintain our mailing lists. The most important ones are bro@bro.org, bro-announce@bro.org, and bro-dev@bro.org.

bro@bro.org is our general user mailing list. If you prefer mail over chat, this should be your first address whenever you get stuck using Bro or want to understand something. Experienced Bro users and members of Bro's developer team answer on this list.

bro-announce@bro.org is a low traffic mailing list used to announce Bro events, code releases, and other important news.

bro-dev@bro.org is the mailing list you should subscribe to if you want to follow or participate in discussions on Bro's future from a developer perspective. On this list we discuss design and feature decisions, and also how to resolve problems and bugs. We recently moved automated mails from our ticket system away from this list to reduce the noise. The immediate effect was an increase in productive discussions.

Twitter


Our Twitter channel is @Bro_IDS. This is our channel for quick and short news, too small for bro-announce or a blog post.

Bro Community and other ways to reach us


More options to listen or talk to us are listed on our Community page.
If you need to talk to us in private about logistics, donation offers, or other special requests, you can write to info@bro.org.

A little reminder and request to the community: As an open source project the Bro team tries to help wherever possible with using and developing Bro. Please send technical questions to one of the mailing lists, though; not to info@bro.org. That way the broader Bro community gets a chance to chime in as well, and everybody will benefit from any responses.

The Bro User Community


We want to take this opportunity to thank all our users and contributors! Please keep talking to us.

Friday, January 29, 2016

BroCon ’16: Sept. 13th - 15th in Austin, TX

We are happy to announce that BroCon ’16 will occur on Tuesday, September 13th - Thursday, September 15th at the Texas Advanced Computing Center in Austin, Texas.

See our event page:
https://www.bro.org/community/brocon2016.html

Early bird registration is open! CFP is open!

Interested in sponsoring BroCon? Contact us at info@bro.org for more information.

Thank you for your continued support, and see you in September!

Regards,
The Bro Project

Tuesday, January 19, 2016

Bro training at Educause Security Professionals Conference, April 18th

The Bro Team is presenting a training at the 2016 Educause Security Professionals Conference on Monday April 18th in Seattle, Washington. Our topic is "Monitoring Your Science DMZ with Bro."

The Science DMZ architecture is spreading throughout higher ed, with both the National Science Foundation and ESNet promoting this more open model to campus cyberinfrastructure providers. NSF has invested in building 10G and 100G research networks to meet the growing demands of the nation's scientists and engineers, but this brings challenges to many traditional ways of securing campus infrastructure. Bro has a successful track record protecting some of the most demanding networks in the country, and it comes well prepared to address the security challenges of bringing data and compute resources outside the firewall for performance. The NSF Bro Center of Expertise is hosting a one-day Bro training workshop aimed at higher ed operators of cyberinfrastructure. This hands-on training will demonstrate Bro's capabilities, teach you how to set up and configure Bro, discuss strategies for deployment on high-speed networks, and present opportunities for further individual assistance from the center.

OUTCOMES:
  • Understand the purpose of Bro and its features
  • Learn how to install Bro with suggested configuration modifications (e.g., load balancing, pinning workers)
  • Learn how to seek assistance from the Bro Center of Expertise

Event link:
http://www.educause.edu/events/security-professionals-conference

Bro Abstract:
http://www.educause.edu/events/security-professionals-conference/2016/monitoring-your-science-dmz-bro