Project

General

Profile

Actions

Feature #4587

closed

dhcp: vendor class indentifier support

Added by Jason Ortiz about 3 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:
Beginner, Good First Issue, Protocol, Rust

Description

DHCP Option 60 (vendor class identifier) is a very useful field in using DHCP Inform packets to identify various devices on a network. If Suricata could log this option it would open many opportunities for creating alerts for or identifying specific things on the network. I am not sure what level of effort would be required to log this option as I just joined the community so any help would be greatly appreciated!

Actions

Also available in: Atom PDF