Actions
Feature #273
openIRC protocol detection support
Effort:
medium
Difficulty:
medium
Label:
Protocol
Description
Support IRC in the protocol detection module so we can write rules like:
alert irc ....
Updated by Victor Julien about 13 years ago
- Target version changed from 1.1beta2 to 1.1beta3
Updated by Victor Julien almost 13 years ago
- Due date set to 04/29/2011
- Assignee changed from Victor Julien to Anoop Saldanha
- Estimated time set to 6.00 h
Anoop can you create a "probing parser" on top of task 209? Thanks!
Updated by Anoop Saldanha almost 13 years ago
Victor Julien wrote:
Anoop can you create a "probing parser" on top of task 209? Thanks!
cool
Updated by Victor Julien over 12 years ago
- Target version changed from 1.1beta3 to 1.2
Retargeting to version 1.2 as some interaction issues with the ftp parser need to be addressed first.
Updated by Victor Julien over 12 years ago
- Target version changed from 1.2 to TBD
Updated by Andreas Herz over 7 years ago
- Assignee changed from Anoop Saldanha to OISF Dev
Is this still a thing to have dedicated IRC rules? :)
Updated by Victor Julien almost 6 years ago
- Status changed from Assigned to New
- Assignee deleted (
OISF Dev) - Effort set to medium
- Difficulty set to medium
This depends on protocol detection improvements. Right now patterns for ftp, smtp, and irc would be too similar and the proto detection is too dumb.
Updated by Victor Julien over 5 years ago
- Blocked by Feature #2572: extend protocol detection to specify flow direction added
Updated by Victor Julien over 5 years ago
- Related to Feature #2757: improve protocol detection added
Updated by Victor Julien almost 5 years ago
- Related to Bug #2978: IRC traffic parsed by FTP added
Updated by Victor Julien over 3 years ago
- Related to Task #4151: Research: New protocol support added
Updated by Victor Julien over 3 years ago
- Related to Task #4097: Suricon 2020 brainstorm added
Actions