Bug #1567: TCP: Evasion issue - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #1567

closed

TCP: Evasion issue

Added by Adrian Falk over 8 years ago. Updated over 2 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Target version:

Affected Versions:

Effort:

Difficulty:

Label:

Description

In some cases, sending error'ed packets to Suricata lead to it not detecting the app-layer session over TCP. I tested and confirmed that this issue exists in Suricata2.1 beta 4.

Have discussed this issue on the oisf-devel mailing list at https://lists.openinfosecfoundation.org/pipermail/oisf-devel/2015-July/003457.html so I will not repeat that information here.

Am creating this bug report to track this issue.

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #1567

TCP: Evasion issue

Updated by Andreas Herz over 7 years ago

Updated by Andreas Herz almost 5 years ago

Updated by Andreas Herz almost 5 years ago

Updated by Victor Julien over 2 years ago