Project

General

Profile

Actions
Copy link

Bug #3421

closed

reject support break udp packets( like DNS deception)

Added by KingJJ wang over 4 years ago. Updated 10 months ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
Affected Versions:
Effort:
Difficulty:
Label:

Description

we use suricata work as ids. i reject a lot of signatures, it work good about TCPs. help us solve many problems.

we find lot's of troubles can use dns to deal .
so i think : suricata can deception DNS by the time 'reject dns any any <> any any ...' ,it will solve many problems.

Actions
Copy link
 #1

Updated by KingJJ wang over 4 years ago

hello , i think this support is useful for lots of people.
Do you think about support?

thank you.

Actions
Copy link
 #2

Updated by Andreas Herz over 3 years ago

  • Tracker changed from Support to Feature
  • Affected Versions deleted (Support)
Actions
Copy link
 #3

Updated by Victor Julien over 3 years ago

  • Tracker changed from Feature to Bug

Can you give more info about what is not working? Reject support was also improved in Suricata 6, so can you try that first?

Finally if Suricata sends bad packets, can you share a capture of what it sends?

Actions
Copy link
 #4

Updated by Philippe Antoine 10 months ago

  • Status changed from New to Closed

Closing as missing details, feel free to reopen with more explanations

Actions
Copy link

Also available in: Atom PDF