Project

General

Profile

Actions
Copy link

Feature #1514

closed
AT AT

SSH softwareversion regex should allow colon

Feature #1514: SSH softwareversion regex should allow colon

Added by Antti Tönkyrä over 10 years ago. Updated over 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Antti Tönkyrä
Target version:
3.0RC1
Effort:
Difficulty:
Label:

Description

Trojaned PuTTY builds have become more common recently, one method to catch some of them is to look for the version string. Current master does not always allow this since : is not a valid character for ssh.softwareversion. (ex. Putty-Local: Timestamp HH:MM:SS)

I made a pull request on GitHub regarding the issue at https://github.com/inliniac/suricata/pull/1491

VJ Updated by Victor Julien over 10 years ago Actions
Copy link
 #1

  • Target version set to 3.0RC1

VJ Updated by Victor Julien over 10 years ago Actions
Copy link
 #2

  • Status changed from New to Assigned
  • Assignee set to Antti Tönkyrä

VJ Updated by Victor Julien over 10 years ago Actions
Copy link
 #3

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100
Actions
Copy link

Also available in: PDF Atom