Actions
Task #7743
open
SB
SB
http: trigger raw stream inspection
Task #7743:
http: trigger raw stream inspection
Effort:
Difficulty:
high
Label:
Description
For application layer protocols over TCP that have transactions, we need to trigger stream inspection once they have at least one full message parseable, to avoid missing alerts that happen early on in the stream (as seen with #7004).
The effort done around this resulted in some failing s-v tests. So, it has been skipped for now but should be looked at.
SB Updated by Shivani Bhardwaj 10 months ago
- Copied from Task #7742: ftp: trigger raw stream inspection added
SB Updated by Shivani Bhardwaj 10 months ago
- Copied from deleted (Task #7742: ftp: trigger raw stream inspection)
SB Updated by Shivani Bhardwaj 10 months ago
- Related to Bug #7004: app-layer: wrong tx may be logged for stream rules added
SB Updated by Shivani Bhardwaj 10 months ago
- Related to Task #7026: app-protos: trigger raw stream inspection added
SB Updated by Shivani Bhardwaj 9 months ago
- Related to Optimization #5076: keyword content does not work over reassembled TCP added
SB Updated by Shivani Bhardwaj 8 months ago
- Copied to Task #7863: smb: trigger raw stream inspection added
SB Updated by Shivani Bhardwaj 20 days ago
- Copied to deleted (Task #7863: smb: trigger raw stream inspection)
SB Updated by Shivani Bhardwaj 10 days ago
- Status changed from New to Assigned
Actions