Project

General

Profile

Actions
Copy link

Feature #2713

closed

protocol detection w/o protocol parsing

Added by Victor Julien over 5 years ago. Updated 5 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Pierre Chifflier
Target version:
TBD
Effort:
Difficulty:
Label:

Description

At the Suricon2018 it was requested to add better support for detection of protocols w/o implementing full parsers.

Pierre, could you fill in more details of what you have in mind?

Related issues 3 (3 open0 closed)

Related to Suricata - Task #2685: SuriCon 2018 brainstormAssignedVictor JulienActions
Related to Suricata - Feature #2757: improve protocol detectionIn ReviewPhilippe AntoineActions
Related to Suricata - Feature #6366: pop3 protocol detectionIn ReviewPhilippe AntoineActions
Actions
Copy link
 #1

Updated by Victor Julien over 5 years ago

  • Related to Task #2685: SuriCon 2018 brainstorm added
Actions
Copy link
 #2

Updated by Philippe Antoine over 4 years ago

Are there specific protocols in mind ?
What is the use case ?
We have to watch for evasions to use this in a rules context...

Actions
Copy link
 #3

Updated by Philippe Antoine over 4 years ago

Actions
Copy link
 #4

Updated by Philippe Antoine 5 months ago

Actions
Copy link
 #5

Updated by Philippe Antoine 5 months ago

  • Status changed from Feedback to Closed

Closing as stale, feel free to reopen if tou have specific protocols in mind Pierre

Actions
Copy link

Also available in: Atom PDF