Task #7863: smb: trigger raw stream inspection - Suricata - Open Information Security Foundation

Actions

Copy link

Task #7863

open

smb: trigger raw stream inspection

Added by Shivani Bhardwaj about 1 month ago. Updated about 1 month ago.

Status:

Assigned

Priority:

Normal

Assignee:

Shivani Bhardwaj

Target version:

9.0.0-beta1

Effort:

Difficulty:

high

Label:

Description

For application layer protocols over TCP that have transactions, we need to trigger stream inspection once they have at least one full message parseable, to avoid missing alerts that happen early on in the stream (as seen with #7004).

Related issues 1 (1 open — 0 closed)

History
Property changes

Actions

Copy link

Updated by Shivani Bhardwaj about 1 month ago

Copied from Task #7743: http: trigger raw stream inspection added

Actions

Copy link

Updated by Shivani Bhardwaj about 1 month ago

Target version changed from 8.0.1 to 9.0.0-beta1

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Task #7863

smb: trigger raw stream inspection

Updated by Shivani Bhardwaj about 1 month ago

Updated by Shivani Bhardwaj about 1 month ago