Project

General

Custom queries

Profile

Actions
Copy link

Feature #2713

closed

protocol detection w/o protocol parsing

Added by Victor Julien over 6 years ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Pierre Chifflier
Target version:
TBD
Effort:
Difficulty:
Label:

Description

At the Suricon2018 it was requested to add better support for detection of protocols w/o implementing full parsers.

Pierre, could you fill in more details of what you have in mind?

Related issues 3 (2 open1 closed)

Related to Suricata - Task #2685: SuriCon 2018 brainstormAssignedVictor JulienActions
Related to Suricata - Task #2757: improve protocol detectionIn ReviewPhilippe AntoineActions
Related to Suricata - Feature #6366: pop3: protocol detectionClosedPhilippe AntoineActions
Actions
Copy link
 #1

Updated by Victor Julien over 6 years ago

  • Related to Task #2685: SuriCon 2018 brainstorm added
Actions
Copy link
 #2

Updated by Philippe Antoine over 5 years ago

Are there specific protocols in mind ?
What is the use case ?
We have to watch for evasions to use this in a rules context...

Actions
Copy link
 #3

Updated by Philippe Antoine over 5 years ago

  • Related to Task #2757: improve protocol detection added
Actions
Copy link
 #4

Updated by Philippe Antoine over 1 year ago

Actions
Copy link
 #5

Updated by Philippe Antoine over 1 year ago

  • Status changed from Feedback to Closed

Closing as stale, feel free to reopen if tou have specific protocols in mind Pierre

Actions
Copy link

Also available in: Atom PDF