Task #2309

open

Task #4763: tracking: Suricon brainstorms

SuriCon 2017 brainstorm

Added by Victor Julien over 6 years ago. Updated almost 2 years ago.

Status: Assigned
Priority: Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

Meta ticket. Add relations to this ticket for the tickets discussed at SuriCon or created after SuriCon brainstorm.


Related issues 46 (12 open, 34 closed)

Related to Suricata - Feature #2308: threshold/suppress by http_host | Assigned | Todd Mortimer
Related to Suricata - Feature #2310: lua: expose xbits | New | Community Ticket
Related to Suricata - Feature #2311: math on extracted values | Closed | Jeff Lucovsky
Related to Suricata - Feature #2312: http: parsing for async streams | Closed | Philippe Antoine
Related to Suricata - Task #2313: tracking: save & restore state when suricata restarts | New | OISF Dev
Related to Suricata - Feature #2314: protocol parser: rdp | Closed | Zach Kelly
Related to Suricata - Feature #646: smb log feature to be introduced | Closed | Victor Julien | 11/28/2012
Related to Suricata - Feature #2315: eve: ftp logging | Closed | Jeff Lucovsky
Related to Suricata - Feature #2316: global memcap | Assigned | Giuseppe Longo
Related to Suricata - Optimization #2317: rcu | New | OISF Dev
Related to Suricata - Feature #2303: file-store enhancements (aka file-store v2): deduplication; hash-based naming; json metadata and cleanup tooling | Closed | Jason Ish | 06/08/2014
Related to Suricata - Task #2278: tracking: failing better | New | OISF Dev
Related to Suricata - Feature #550: Extract file attachments from FTP | Closed | Eric Leblond | 09/10/2012
Related to Suricata - Feature #2192: JA3 TLS client fingerprinting | Closed | Mats Klepsland | 07/24/2017
Related to Suricata - Feature #2279: TLS 1.3 decoding, SNI extraction and logging | Closed | Mats Klepsland
Related to Suricata - Feature #2280: http: rules that match both request and response | Assigned | Victor Julien
Related to Suricata - Feature #1576: http: byte-range support | Closed | Philippe Antoine
Related to Suricata - Feature #2281: tcp stream: simpler IDS handling of overlap evasions | Assigned | Victor Julien
Related to Suricata - Feature #120: Capture full session on alert | Closed | Scott Jordan
Related to Suricata - Feature #385: Configuration option to log all known (pcap) data for a stream when an alert fires | Closed | Community Ticket
Related to Suricata - Task #2219: Save pcap only if alert | Rejected
Related to Suricata - Feature #2290: lua: use script as transform | Assigned | Jeff Lucovsky
Related to Suricata - Feature #2284: detect partial file transfers | Closed
Related to Suricata - Feature #1705: hyperscan pcre integration | Closed
Related to Suricata - Feature #1006: transformation api | Closed | Victor Julien | 10/23/2013
Related to Suricata - Feature #2291: traffic-id: ruleset for traffic classification and bypass | Assigned | Jason Ish
Related to Suricata - Feature #2285: modify memcaps over unix socket | Closed | Giuseppe Longo | 11/20/2017
Related to Suricata - Feature #2283: turn content modifiers into 'sticky buffers' | Closed | OISF Dev
Related to Suricata - Feature #1948: allow filestore name configuration options | Closed | Jason Ish | 11/10/2016
Related to Suricata - Documentation #2286: doc: document best practices around handling file extraction | Closed | Jason Ish
Related to Suricata - Feature #2282: event log aka weird.log | Closed | Jeff Lucovsky
Related to Suricata - Optimization #2272: Analyze DNS response if query is not present | Assigned | Jason Ish
Related to Suricata - Feature #741: Introduce endswith keyword | Closed | Victor Julien | 01/31/2013
Related to Suricata - Feature #742: startswith keyword | Closed | Victor Julien | 02/01/2013
Related to Suricata - Feature #735: Introduce content_len keyword | Closed | Victor Julien | 01/26/2013
Related to Suricata - Feature #2299: pcap: read directory with pcaps from the commandline | Closed | Danny Browning | 11/28/2017
Related to Suricata - Feature #2298: pcap: store pcaps in compressed form | Closed
Related to Suricata - Feature #1828: YARA support | Rejected
Related to Suricata - Feature #1949: only write unique files | Closed | Jason Ish | 11/10/2016
Related to Suricata - Feature #962: Can I log the mac address of the source? | Closed | Sascha Steinbiss
Related to Suricata - Feature #2318: matching on large amounts of data with dynamic updates | Closed | Victor Julien
Related to Suricata - Feature #2319: Expose flow lifetime to the rulelanguage | Rejected
Related to Suricata - Feature #2320: configure host os policy over unix socket | Rejected
Related to Suricata - Optimization #2321: yaml: clean up usage of lists | Assigned | Jason Ish
Related to Suricata - Support #2322: create place for easy sharing of test cases | Closed | Community Ticket
Related to Suricata - Feature #660: Update host policy from unix socket | Rejected
Actions #1

Updated by Victor Julien over 6 years ago

  • Related to Feature #2308: threshold/suppress by http_host added
Actions #2

Updated by Victor Julien over 6 years ago

Actions #3

Updated by Victor Julien over 6 years ago

Actions #4

Updated by Victor Julien over 6 years ago

  • Related to Feature #2312: http: parsing for async streams added
Actions #5

Updated by Victor Julien over 6 years ago

  • Related to Task #2313: tracking: save & restore state when suricata restarts added
Actions #6

Updated by Victor Julien over 6 years ago

Actions #7

Updated by Victor Julien over 6 years ago

  • Related to Feature #646: smb log feature to be introduced added
Actions #8

Updated by Victor Julien over 6 years ago

Actions #9

Updated by Victor Julien over 6 years ago

Actions #10

Updated by Victor Julien over 6 years ago

Actions #11

Updated by Victor Julien over 6 years ago

  • Related to Feature #2303: file-store enhancements (aka file-store v2): deduplication; hash-based naming; json metadata and cleanup tooling added
Actions #12

Updated by Victor Julien over 6 years ago

  • Related to Task #2278: tracking: failing better added
Actions #13

Updated by Victor Julien over 6 years ago

  • Related to Feature #550: Extract file attachments from FTP added
Actions #14

Updated by Victor Julien over 6 years ago

Actions #15

Updated by Victor Julien over 6 years ago

  • Related to Feature #2279: TLS 1.3 decoding, SNI extraction and logging added
Actions #16

Updated by Victor Julien over 6 years ago

  • Related to Feature #2280: http: rules that match both request and response added
Actions #17

Updated by Victor Julien over 6 years ago

Actions #18

Updated by Victor Julien over 6 years ago

  • Related to Feature #2281: tcp stream: simpler IDS handling of overlap evasions added
Actions #19

Updated by Victor Julien over 6 years ago

  • Related to Feature #120: Capture full session on alert added
Actions #20

Updated by Victor Julien over 6 years ago

  • Related to Feature #385: Configuration option to log all known (pcap) data for a stream when an alert fires added
Actions #21

Updated by Victor Julien over 6 years ago

  • Related to Task #2219: Save pcap only if alert added
Actions #22

Updated by Victor Julien over 6 years ago

Actions #23

Updated by Victor Julien over 6 years ago

Actions #24

Updated by Victor Julien over 6 years ago

Actions #25

Updated by Victor Julien over 6 years ago

Actions #26

Updated by Victor Julien over 6 years ago

  • Related to Feature #2291: traffic-id: ruleset for traffic classification and bypass added
Actions #27

Updated by Victor Julien over 6 years ago

  • Related to Feature #2285: modify memcaps over unix socket added
Actions #28

Updated by Victor Julien over 6 years ago

  • Related to Feature #2283: turn content modifiers into 'sticky buffers' added
Actions #29

Updated by Victor Julien over 6 years ago

  • Related to Feature #1948: allow filestore name configuration options added
Actions #30

Updated by Victor Julien over 6 years ago

  • Related to Documentation #2286: doc: document best practices around handling file extraction added
Actions #31

Updated by Victor Julien over 6 years ago

Actions #32

Updated by Victor Julien over 6 years ago

Actions #33

Updated by Victor Julien over 6 years ago

Actions #34

Updated by Victor Julien over 6 years ago

Actions #35

Updated by Victor Julien over 6 years ago

  • Related to Feature #735: Introduce content_len keyword added
Actions #36

Updated by Victor Julien over 6 years ago

  • Related to Feature #2299: pcap: read directory with pcaps from the commandline added
Actions #37

Updated by Victor Julien over 6 years ago

  • Related to Feature #2298: pcap: store pcaps in compressed form added
Actions #38

Updated by Victor Julien over 6 years ago

Actions #39

Updated by Victor Julien over 6 years ago

Actions #40

Updated by Victor Julien over 6 years ago

  • Related to Feature #962: Can I log the mac address of the source? added
Actions #41

Updated by Victor Julien over 6 years ago

  • Related to Feature #2318: matching on large amounts of data with dynamic updates added
Actions #42

Updated by Victor Julien over 6 years ago

  • Related to Feature #2319: Expose flow lifetime to the rulelanguage added
Actions #43

Updated by Victor Julien over 6 years ago

  • Related to Feature #2320: configure host os policy over unix socket added
Actions #44

Updated by Victor Julien over 6 years ago

Actions #45

Updated by Victor Julien over 6 years ago

  • Related to Support #2322: create place for easy sharing of test cases added
Actions #46

Updated by Victor Julien about 6 years ago

  • Related to Feature #660: Update host policy from unix socket added
Actions #47

Updated by Victor Julien almost 4 years ago

  • Tracker changed from Support to Task
  • Target version set to Support
Actions #48

Updated by Victor Julien over 2 years ago

  • Parent task set to #4763
Actions #49

Updated by Victor Julien almost 2 years ago

  • Status changed from New to Assigned