Actions
Feature #1979
open
OS
VJ
TCP/IP packets normalization/scrubbing
Feature #1979:
TCP/IP packets normalization/scrubbing
Effort:
high
Difficulty:
medium
Label:
Description
Snort is capable of normalizing network traffic see : https://snort.org/faq/readme-normalize
For example if one wants clear the reserved bits in the TCP header, in Snort this would be possible using the following: preprocessor normalize_tcp: [rsv]
I am convinced that TCP/IP packets normalization is possible in Suricata, but I don't know where to configure it.
Can you please help me?
Thank you.
Actions