
Bro Network Security Monitor - sunilkumarc
https://github.com/bro/bro
======
dang
This is an obvious dupe [1]. Submitters: please check for these. It's y

The name is also, as that recent thread made clear, an obvious special case.
And bikeshed flamewars are the last thing we need here—or rather _two_ of the
last things we need here, squared. If you have nothing substantive to say
about a serious piece of work, not commenting at all is a wise choice.

1\.
[https://hn.algolia.com/?q=bro+security#!/story/forever/0/bro...](https://hn.algolia.com/?q=bro+security#!/story/forever/0/bro%20security)

~~~
remor
You should happy to note that the name is something we don't bikeshed about
within the Bro project. The name is staying. It will far outlast the
negativity.

------
jmsdnns
I first saw the name "bro" and thought, "ohh geez..." but then I took a look
and found this is coming from very serious people. The kind of people that
wouldn't make a brogrammer joke.

Can anyone explain the name of the project?

~~~
alxndr
I had the same reaction.

If they're going for a Big Brother reference, why not a name like BB or
George[Orwell] or something from Newspeak?

~~~
Zikes
Because there is nothing wrong with the word "bro".

~~~
forgottenpass
There's no getting around it anymore. We have to accept the fact Bay Area
startup culture has turned a term of endearment into a gendered slur.

~~~
Zikes
So we grow a backbone and tread on, ignoring the people trying to manufacture
scandal for their own entertainment or empowerment, or we let one city's
subculture control the rights to the English language.

I choose the former.

~~~
obvious_throw
That is, until you get fired from your job for thoughtcrime. Being politically
correct and believing/saying the right things is required for employment in
the tech industry now.

------
moron4hire
And the word "bro" means a lot more than just "brogrammer" in the wider world
outside of Silicon Valley. It's not necessarily pejorative in all use cases. I
think it's fine that this stays "bro". Don't let shitty web magazines dictate
the language for the rest of us.

~~~
tptacek
Can we stop pretending this is a controversy in which our opinions about the
name matters? Bro has been Bro for almost as much time as the network
simulator has been named "ns"; longer, in fact, than Pathchar. Bro simply _is_
its name. There's no discussion to be had about it.

~~~
remor
Wait, wait! I've got it. Bro has been Bro longer than Google has been Google.
<drops mic>....

[http://www.google.com/about/company/history/](http://www.google.com/about/company/history/)
[http://www.bro.org/documentation/history.png](http://www.bro.org/documentation/history.png)

------
JoachimSchipper
I liked the following comment from the old thread, written by mavam:

===

(Disclaimer: Bro team member)

First, Bro is a Turing-complete scripting language ("the Python for the
network") and Snort/Suricata a system centered around regular-expression
matching [1]. These two paradigms have fundamentally different levels of
expressiveness.

Second, Bro's core is policy-neutral. [Continued at
[https://news.ycombinator.com/item?id=7728850](https://news.ycombinator.com/item?id=7728850)].

------
deathhand
I don't understand how this is any better than SNORT
[http://www.snort.org/](http://www.snort.org/)

~~~
danielweber
Snort is more like a packet-filtering firewall, Bro is more like a protocol-
lawyer firewall.

That's a general description and misses a lot of details.

~~~
tptacek
No offense, but it's also extremely inaccurate; that is not a good dividing
line to draw between the two projects.

The previous Bro thread had a decent comparison between the two projects.

If I was going to deploy a network IDS/IPS somewhere (spoiler: I wouldn't),
it'd be Snort. If I was going to monitor a network in general, or do network
monitoring research, I'd use Bro.

~~~
anonymousDan
Why wouldn't you deploy a network IDS/IPS out of interest? What problems do
they have and what would you advise instead?

~~~
tptacek
Sometime when we're in an unburied thread and I'm not prepping to travel out
of the country the next day, I'll be happy to write a couple thousand words on
this. But fair warning, I probably won't say anything you wouldn't expect me
to say after reading what I wrote about it back in '98 (Google [insertion
evasion]).

------
bibinou
previously :
[https://news.ycombinator.com/item?id=7726177](https://news.ycombinator.com/item?id=7726177)

