Task #2309

open

Task #4763: tracking: Suricon brainstorms

SuriCon 2017 brainstorm

Added by Victor Julien over 6 years ago. Updated almost 2 years ago.

Status: Assigned
Priority: Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

Meta ticket. Add relations to this ticket for the tickets discussed at SuriCon or created after SuriCon brainstorm.


Related issues 46 (12 open, 34 closed)

Related to Suricata - Feature #2308: threshold/suppress by http_host | Assigned | Todd Mortimer
Related to Suricata - Feature #2310: lua: expose xbits | New | Community Ticket
Related to Suricata - Feature #2311: math on extracted values | Closed | Jeff Lucovsky
Related to Suricata - Feature #2312: http: parsing for async streams | Closed | Philippe Antoine
Related to Suricata - Task #2313: tracking: save & restore state when suricata restarts | New | OISF Dev
Related to Suricata - Feature #2314: protocol parser: rdp | Closed | Zach Kelly
Related to Suricata - Feature #646: smb log feature to be introduced | Closed | Victor Julien | 11/28/2012
Related to Suricata - Feature #2315: eve: ftp logging | Closed | Jeff Lucovsky
Related to Suricata - Feature #2316: global memcap | Assigned | Giuseppe Longo
Related to Suricata - Optimization #2317: rcu | New | OISF Dev
Related to Suricata - Feature #2303: file-store enhancements (aka file-store v2): deduplication; hash-based naming; json metadata and cleanup tooling | Closed | Jason Ish | 06/08/2014
Related to Suricata - Task #2278: tracking: failing better | New | OISF Dev
Related to Suricata - Feature #550: Extract file attachments from FTP | Closed | Eric Leblond | 09/10/2012
Related to Suricata - Feature #2192: JA3 TLS client fingerprinting | Closed | Mats Klepsland | 07/24/2017
Related to Suricata - Feature #2279: TLS 1.3 decoding, SNI extraction and logging | Closed | Mats Klepsland
Related to Suricata - Feature #2280: http: rules that match both request and response | Assigned | Victor Julien
Related to Suricata - Feature #1576: http: byte-range support | Closed | Philippe Antoine
Related to Suricata - Feature #2281: tcp stream: simpler IDS handling of overlap evasions | Assigned | Victor Julien
Related to Suricata - Feature #120: Capture full session on alert | Closed | Scott Jordan
Related to Suricata - Feature #385: Configuration option to log all known (pcap) data for a stream when an alert fires | Closed | Community Ticket
Related to Suricata - Task #2219: Save pcap only if alert | Rejected
Related to Suricata - Feature #2290: lua: use script as transform | Assigned | Jeff Lucovsky
Related to Suricata - Feature #2284: detect partial file transfers | Closed
Related to Suricata - Feature #1705: hyperscan pcre integration | Closed
Related to Suricata - Feature #1006: transformation api | Closed | Victor Julien | 10/23/2013
Related to Suricata - Feature #2291: traffic-id: ruleset for traffic classification and bypass | Assigned | Jason Ish
Related to Suricata - Feature #2285: modify memcaps over unix socket | Closed | Giuseppe Longo | 11/20/2017
Related to Suricata - Feature #2283: turn content modifiers into 'sticky buffers' | Closed | OISF Dev
Related to Suricata - Feature #1948: allow filestore name configuration options | Closed | Jason Ish | 11/10/2016
Related to Suricata - Documentation #2286: doc: document best practices around handling file extraction | Closed | Jason Ish
Related to Suricata - Feature #2282: event log aka weird.log | Closed | Jeff Lucovsky
Related to Suricata - Optimization #2272: Analyze DNS response if query is not present | Assigned | Jason Ish
Related to Suricata - Feature #741: Introduce endswith keyword | Closed | Victor Julien | 01/31/2013
Related to Suricata - Feature #742: startswith keyword | Closed | Victor Julien | 02/01/2013
Related to Suricata - Feature #735: Introduce content_len keyword | Closed | Victor Julien | 01/26/2013
Related to Suricata - Feature #2299: pcap: read directory with pcaps from the commandline | Closed | Danny Browning | 11/28/2017
Related to Suricata - Feature #2298: pcap: store pcaps in compressed form | Closed
Related to Suricata - Feature #1828: YARA support | Rejected
Related to Suricata - Feature #1949: only write unique files | Closed | Jason Ish | 11/10/2016
Related to Suricata - Feature #962: Can I log the mac address of the source? | Closed | Sascha Steinbiss
Related to Suricata - Feature #2318: matching on large amounts of data with dynamic updates | Closed | Victor Julien
Related to Suricata - Feature #2319: Expose flow lifetime to the rulelanguage | Rejected
Related to Suricata - Feature #2320: configure host os policy over unix socket | Rejected
Related to Suricata - Optimization #2321: yaml: clean up usage of lists | Assigned | Jason Ish
Related to Suricata - Support #2322: create place for easy sharing of test cases | Closed | Community Ticket
Related to Suricata - Feature #660: Update host policy from unix socket | Rejected