Project

General

Profile

Actions
Copy link

Feature #2727

open
EL OD

DCERPC UID to name mapping

Feature #2727: DCERPC UID to name mapping

Added by Eric Leblond over 7 years ago. Updated about 6 years ago.

Status:
Assigned
Priority:
Low
Assignee:
OISF Dev
Target version:
TBD
Effort:
low
Difficulty:
medium
Label:

Description

Microsoft is proposing a DCERPC UID to name mapping. It is used by Zeek to allow mapping of UID to human understandable names (see https://github.com/bro/bro/blob/master/scripts/base/protocols/dce-rpc/consts.bro).

We could integrate that into dcerpc output to get more user friendly events.

Related issues 1 (1 open0 closed)

Related to Suricata - Feature #8523: dcerpc: map opnum to the function namesAssignedShivani BhardwajActions

EL Updated by Eric Leblond over 7 years ago Actions
Copy link
 #1

  • Assignee set to Eric Leblond

VJ Updated by Victor Julien over 7 years ago Actions
Copy link
 #2

  • Status changed from New to Assigned
  • Target version set to 5.0beta1

VJ Updated by Victor Julien about 7 years ago Actions
Copy link
 #3

  • Priority changed from Normal to Low

VJ Updated by Victor Julien about 7 years ago Actions
Copy link
 #4

  • Target version changed from 5.0beta1 to 70

VJ Updated by Victor Julien over 6 years ago Actions
Copy link
 #5

  • Target version changed from 70 to TBD

VJ Updated by Victor Julien about 6 years ago Actions
Copy link
 #6

  • Assignee changed from Eric Leblond to OISF Dev

VJ Updated by Victor Julien 15 days ago Actions
Copy link
 #7

  • Related to Feature #8523: dcerpc: map opnum to the function names added
Actions
Copy link

Also available in: PDF Atom