Project

General

Profile

Actions
Copy link

Feature #2713

open

protocol detection w/o protocol parsing

Added by Victor Julien over 4 years ago. Updated over 3 years ago.

Status:
Feedback
Priority:
Normal
Assignee:
Pierre Chifflier
Target version:
TBD
Effort:
Difficulty:
Label:

Description

At the Suricon2018 it was requested to add better support for detection of protocols w/o implementing full parsers.

Pierre, could you fill in more details of what you have in mind?

Related issues 2 (2 open0 closed)

Related to Task #2685: SuriCon 2018 brainstormAssignedVictor JulienActions
Related to Feature #2757: improve protocol detectionIn ReviewPhilippe AntoineActions
Actions
Copy link
 #1

Updated by Victor Julien over 4 years ago

  • Related to Task #2685: SuriCon 2018 brainstorm added
Actions
Copy link
 #2

Updated by Philippe Antoine over 3 years ago

Are there specific protocols in mind ?
What is the use case ?
We have to watch for evasions to use this in a rules context...

Actions
Copy link
 #3

Updated by Philippe Antoine over 3 years ago

Actions
Copy link

Also available in: Atom PDF