Project

General

Profile

Actions
Copy link

Bug #6178

open

dns: erroneous app_proto settings in rule analysis

Added by Shivani Bhardwaj 10 months ago.

Status:
Assigned
Priority:
Normal
Assignee:
Jason Ish
Target version:
TBD
Affected Versions:
Effort:
Difficulty:
Label:

Description

For the rule with sid: 1371257161 in https://github.com/OISF/suricata-verify/blob/master/tests/bug-2917/test.rules, the engine-analysis shows no app-proto for any engines. This is unexpected and is possibly a bug during parsing of the rule.

Rule in question:

alert dns any any -> any any (msg:"DNS TEST"; isdataat:129 ; app-layer-event:dns.malformed_data; sid:1371257161; rev:1;)

Related issues 1 (0 open1 closed)

Related to Suricata - Bug #2917: Unable to find the sm in any of the sm listsClosedShivani BhardwajActions
Actions
Copy link
 #1

Updated by Shivani Bhardwaj 10 months ago

  • Related to Bug #2917: Unable to find the sm in any of the sm lists added
Actions
Copy link

Also available in: Atom PDF