Project

General

Profile

Actions

Bug #3794

closed

DNP3 probing parser does not detect the proper direction in midstream

Added by Jeff Lucovsky over 4 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:
Protocol

Description

From https://github.com/OISF/suricata/pull/5063/files#r438691794

Reproducer with attached pcap, run with --set stream.midstream=true

DNP3ProbingParser should set *rdir = 1 with the right conditions
Wireshark filter dnp3.ctl & 0x80 indicates a request


Files

dnp3_confirm.pcap (121 Bytes) dnp3_confirm.pcap Philippe Antoine, 06/16/2020 07:30 AM

Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #3772: DNP3 probing parser does not detect the proper direction in midstreamClosedPhilippe AntoineActions
Actions

Also available in: Atom PDF