Optimization #7026: app-protos: trigger raw stream reassembly - Suricata - Open Information Security Foundation

Actions

Copy link

Optimization #7026

open

app-protos: trigger raw stream reassembly

Added by Juliana Fajardini Reichow 4 months ago. Updated 2 months ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

8.0.0-beta1

Effort:

Difficulty:

Label:

Description

For application layer protocols over TCP that have transactions, we may need to trigger stream reassembly once they have at least one full message parseable, to avoid missing alerts that happen early on in the stream (as seen with #7004).

Subtasks 5 (3 open — 2 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Optimization #7026

app-protos: trigger raw stream reassembly

Updated by OISF Ticketbot 4 months ago

Updated by OISF Ticketbot 4 months ago

Updated by Juliana Fajardini Reichow 4 months ago

Updated by Juliana Fajardini Reichow 4 months ago

Updated by Juliana Fajardini Reichow 4 months ago

Updated by Juliana Fajardini Reichow 3 months ago

Updated by Juliana Fajardini Reichow 3 months ago

Updated by Juliana Fajardini Reichow 3 months ago

Updated by Juliana Fajardini Reichow 3 months ago

Updated by Juliana Fajardini Reichow 3 months ago

Bug #7000: pgsql: partially incorrect tx_id tracking	Resolved	Juliana Fajardini Reichow	Actions
Bug #7001: pgsql: partially incorrect tx_id tracking (7.0.x backport)	In Progress	Juliana Fajardini Reichow	Actions
Optimization #7018: dns/tcp: allow triggering raw stream reassembly	Closed	Juliana Fajardini Reichow	Actions
Optimization #7075: dns/tcp: allow triggering raw stream reassembly (7.0.x backport)	Closed	Juliana Fajardini Reichow	Actions
Optimization #7076: pgsql: trigger raw stream reassembly when tx completed	In Progress	Juliana Fajardini Reichow	Actions