https://redmine.openinfosecfoundation.org/
2018-09-19T21:08:33Z
Open Information Security Foundation
Suricata - Documentation #2620: Documentation: tagged_packets / event_type packet
https://redmine.openinfosecfoundation.org/issues/2620?journal_id=10262
2018-09-19T21:08:33Z
Andreas Herz
oisf@herzandreas.de
<ul><li><strong>Target version</strong> set to <i>Documentation</i></li></ul><p>We need to add it to the keywords section as well as to the EVE (JSON Format) section.</p>
<p>Suggested example rule:<br /><pre><code class="text syntaxhl" data-language="text">
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN HackerDefender? Root Kit Remote Connection Attempt Detected"; flow: established,to_server; content:"|01 9a 8c 66 af c0 4a 11 9e 3f 40 88 12 2c 3a 4a 84 65 38 b0 b4 08 0b af db ce 02 94 34 5f 22|"; rawbytes; tag: session, 20, packets; reference:url,securityresponse.symantec.com/avcenter/venc/data/backdoor.hackdefender.html; reference:url,doc.emergingthreats.net/2001743; classtype:trojan-activity; sid:2001743; rev:8; metadata:created_at 2010_07_30, updated_at 2010_07_30;)
</code></pre></p>
Suricata - Documentation #2620: Documentation: tagged_packets / event_type packet
https://redmine.openinfosecfoundation.org/issues/2620?journal_id=10506
2018-11-21T14:46:26Z
Victor Julien
victor@inliniac.net
<ul><li><strong>Related to</strong> <i><a class="issue tracker-6 status-2 priority-4 priority-default" href="/issues/2699">Documentation #2699</a>: document all eve record types and fields</i> added</li></ul>
Suricata - Documentation #2620: Documentation: tagged_packets / event_type packet
https://redmine.openinfosecfoundation.org/issues/2620?journal_id=11444
2019-03-11T14:25:13Z
Victor Julien
victor@inliniac.net
<ul><li><strong>Assignee</strong> set to <i>Community Ticket</i></li></ul>
Suricata - Documentation #2620: Documentation: tagged_packets / event_type packet
https://redmine.openinfosecfoundation.org/issues/2620?journal_id=11512
2019-03-12T11:34:10Z
Victor Julien
victor@inliniac.net
<ul><li><strong>Target version</strong> changed from <i>Documentation</i> to <i>TBD</i></li></ul>
Suricata - Documentation #2620: Documentation: tagged_packets / event_type packet
https://redmine.openinfosecfoundation.org/issues/2620?journal_id=13824
2019-09-25T19:20:30Z
Andreas Herz
oisf@herzandreas.de
<ul><li><strong>Tracker</strong> changed from <i>Optimization</i> to <i>Documentation</i></li></ul>
Suricata - Documentation #2620: Documentation: tagged_packets / event_type packet
https://redmine.openinfosecfoundation.org/issues/2620?journal_id=24186
2022-08-04T15:02:31Z
Juliana Fajardini Reichow
<ul><li><strong>Assignee</strong> changed from <i>Community Ticket</i> to <i>Juliana Fajardini Reichow</i></li></ul>
Suricata - Documentation #2620: Documentation: tagged_packets / event_type packet
https://redmine.openinfosecfoundation.org/issues/2620?journal_id=26032
2022-12-07T14:24:10Z
Juliana Fajardini Reichow
<ul><li><strong>Target version</strong> changed from <i>TBD</i> to <i>8.0.0-beta1</i></li></ul>
Suricata - Documentation #2620: Documentation: tagged_packets / event_type packet
https://redmine.openinfosecfoundation.org/issues/2620?journal_id=31804
2024-01-08T14:32:26Z
Victor Julien
victor@inliniac.net
<ul><li><strong>Assignee</strong> changed from <i>Juliana Fajardini Reichow</i> to <i>OISF Dev</i></li></ul>