Project

General

Profile

Actions
Copy link

Bug #8266

open
SB SB

detect: erroneous alerts due to inconsistency between applayer and stream

Bug #8266: detect: erroneous alerts due to inconsistency between applayer and stream

Added by Shivani Bhardwaj 2 months ago. Updated 2 months ago.

Status:
In Progress
Priority:
Normal
Assignee:
Shivani Bhardwaj
Target version:
9.0.0-beta1
Affected Versions:
Effort:
Difficulty:
high
Label:

Description

In cases like https://github.com/OISF/suricata/pull/14649#issuecomment-3800282224 applayer can progress faster than stream, this can lead to inconsistent alerts and maybe more issues [TODO] (still being researched).

Related issues 1 (1 open0 closed)

Blocks Suricata - Task #7863: smb: trigger raw stream inspectionAssignedShivani BhardwajActions

SB Updated by Shivani Bhardwaj 2 months ago Actions
Copy link
 #1

  • Subject changed from stream: erroneous detection results due to inconsistency between applayer and stream to detect: erroneous alerts due to inconsistency between applayer and stream

SB Updated by Shivani Bhardwaj 2 months ago Actions
Copy link
 #2

  • Related to Task #7863: smb: trigger raw stream inspection added

SB Updated by Shivani Bhardwaj 2 months ago Actions
Copy link
 #3

  • Related to deleted (Task #7863: smb: trigger raw stream inspection)

SB Updated by Shivani Bhardwaj 2 months ago Actions
Copy link
 #4

  • Blocks Task #7863: smb: trigger raw stream inspection added

SB Updated by Shivani Bhardwaj 2 months ago Actions
Copy link
 #5

  • Status changed from Assigned to In Progress
  • Difficulty set to high
Actions
Copy link

Also available in: PDF Atom