General

Profile

Jason Williams

  • Login: jae
  • Registered on: 03/22/2017
  • Last sign in: 10/21/2021

Issues

open closed Total
Assigned issues 0 1 1
Reported issues 4 8 12

Activity

08/27/2021

08:12 PM Suricata Task #4067: http2: overload existing http keywords to support http/2
> There will be the following questions where we want the opinion of signature writers :
>
> - http.request_body and ... Jason Williams

05/16/2021

12:34 AM Suricata Feature #3688 (Closed): Re-implement fast_pattern:only; in some way
Jason Williams

05/03/2020

04:10 PM Suricata Feature #3688: Re-implement fast_pattern:only; in some way
Victor Julien wrote in #note-1:
> @http.user_agent; content:"test"; startswith;@ is essentially the same as @http.us... Jason Williams

05/02/2020

05:43 PM Suricata Feature #3688 (Closed): Re-implement fast_pattern:only; in some way
I've been working on updating the Suricata 5 ET/ETPRO set over the past few weeks to proper notation and it is very a... Jason Williams

02/26/2020

11:23 PM Suricata Bug #3505 (Closed): Negations on contents within the http_cookie buffer causes FN if no http_cookie is present
For the below http request:
> POST /wp-content/uploads/2020/02/phish/phish/process1.php HTTP/1.1
> Accept-Encodin... Jason Williams

02/20/2020

10:45 PM Suricata Feature #3494: rules: Keyword for determining if the http_host is an ip address
I typo'd the pcre from memory, but you know what i mean...
pcre:"/^(?:\d{1,3}\.){3}\d{1,3}(?:\x3a\d{1,5})?$/W"; Jason Williams
10:43 PM Suricata Feature #3494 (New): rules: Keyword for determining if the http_host is an ip address
In the ET ruleset in order to express the fact that http communications are going to an IP address rather than a host... Jason Williams

04/14/2018

07:59 PM Suricata Feature #2488 (New): HTML Parsing / Buffers
We write a lot of signatures on the contents of html in file_data. It would be awesome to be able to do some parsing/... Jason Williams
07:46 PM Suricata Feature #2283: turn content modifiers into 'sticky buffers'
After some time thinking about this, perhaps the initial 'http_' portion of the buffer name is not needed?
our ru... Jason Williams
06:53 PM Suricata Feature #2487 (New): Buffers for field/value pairs in http_uri and http_client_body
We've found http_header_names to be one of our favorite new 4.0 buffers and would like to see if we could carry over ... Jason Williams

Also available in: Atom