Feature #2727: DCERPC UID to name mapping - Suricata - Open Information Security Foundation

Actions

Feature #2727

open

DCERPC UID to name mapping

Added by Eric Leblond over 5 years ago. Updated about 4 years ago.

Status:

Assigned

Priority:

Low

Assignee:

Target version:

Effort:

low

Difficulty:

medium

Label:

Description

Microsoft is proposing a DCERPC UID to name mapping. It is used by Zeek to allow mapping of UID to human understandable names (see https://github.com/bro/bro/blob/master/scripts/base/protocols/dce-rpc/consts.bro).

We could integrate that into dcerpc output to get more user friendly events.

Actions

#1

Updated by Eric Leblond over 5 years ago

Assignee set to Eric Leblond

Actions

#2

Updated by Victor Julien over 5 years ago

Status changed from New to Assigned
Target version set to 5.0beta1

Actions

#3

Updated by Victor Julien about 5 years ago

Priority changed from Normal to Low

Actions

#4

Updated by Victor Julien about 5 years ago

Target version changed from 5.0beta1 to 70

Actions

#5

Updated by Victor Julien over 4 years ago

Target version changed from 70 to TBD

Actions

#6

Updated by Victor Julien about 4 years ago

Assignee changed from Eric Leblond to OISF Dev

Actions

Also available in: Atom PDF