Support #3899

closed

How to detect attacks in the infinite payloads?

Added by Zhu Zhu over 3 years ago. Updated over 2 years ago.

Status: Closed
Priority: Normal
Assignee: -
Affected Versions:
Label:

Description

I have infinite payloads to check, and try to match each payload with all ET rules (the amount is about 40k).
I tried using the unit test functions to create a full package and also to load signatures with the unit test functions; however, it is very slow in this situation. Is there any suggestion to resolve my problem?

PS: The Suricata version is 5.0.1.

Actions #2

Updated by Andreas Herz over 2 years ago

  • Status changed from New to Closed

Hi, we're closing this issue since there have been no further responses.
If you think this issue is still relevant, try to test it again with the
most recent version of Suricata and reopen the issue. If you want to
improve the bug report, please take a look at
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs
