Actions
Feature #273
open
VJ
CT
IRC protocol detection support
Feature #273:
IRC protocol detection support
Added by Victor Julien about 15 years ago. Updated over 5 years ago.
Effort:
medium
Difficulty:
medium
Label:
Protocol
Description
Support IRC in the protocol detection module so we can write rules like:
alert irc ....
VJ Updated by Victor Julien almost 15 years ago Actions #1
- Target version changed from 1.1beta2 to 1.1beta3
VJ Updated by Victor Julien almost 15 years ago Actions #2
- Due date set to 04/29/2011
- Assignee changed from Victor Julien to Anoop Saldanha
- Estimated time set to 6.00 h
Anoop can you create a "probing parser" on top of task 209? Thanks!
AS Updated by Anoop Saldanha almost 15 years ago Actions #3
Victor Julien wrote:
Anoop can you create a "probing parser" on top of task 209? Thanks!
cool
VJ Updated by Victor Julien over 14 years ago Actions #4
- Target version changed from 1.1beta3 to 1.2
Retargeting to version 1.2 as some interaction issues with the ftp parser need to be addressed first.
VJ Updated by Victor Julien about 14 years ago Actions #5
- Target version changed from 1.2 to TBD
AH Updated by Andreas Herz over 9 years ago Actions #6
- Assignee changed from Anoop Saldanha to OISF Dev
Is this still a thing to have dedicated IRC rules? :)
VJ Updated by Victor Julien almost 8 years ago Actions #7
- Status changed from Assigned to New
- Assignee deleted (
OISF Dev) - Effort set to medium
- Difficulty set to medium
This depends on protocol detection improvements. Right now patterns for ftp, smtp, and irc would be too similar and the proto detection is too dumb.
VJ Updated by Victor Julien over 7 years ago Actions #8
- Blocked by Feature #2572: extend protocol detection to specify flow direction added
VJ Updated by Victor Julien over 7 years ago Actions #9
- Related to Task #2757: improve protocol detection added
VJ Updated by Victor Julien about 7 years ago Actions #10
- Assignee set to Community Ticket
VJ Updated by Victor Julien almost 7 years ago Actions #11
- Related to Bug #2978: IRC traffic parsed by FTP added
VJ Updated by Victor Julien over 5 years ago Actions #12
- Related to Task #4151: Research: New protocol support added
VJ Updated by Victor Julien over 5 years ago Actions #13
- Related to Task #4097: Suricon 2020 brainstorm added
VJ Updated by Victor Julien over 5 years ago Actions #14
- Label Protocol added
Actions