General

Profile

Jason Williams

  • Login: jae
  • Registered on: 03/22/2017
  • Last connection: 11/03/2020

Issues

open closed Total
Assigned issues 1 0 1
Reported issues 7 5 12

Projects

Project Roles Registered on
Suricata Developer 11/20/2017
Suricata-Update Developer 11/20/2017

Activity

05/03/2020

04:10 PM Suricata Feature #3688: Re-implement fast_pattern:only; in some way
Victor Julien wrote in #note-1:
> @http.user_agent; content:"test"; startswith;@ is essentially the same as @http.us...
Jason Williams

05/02/2020

05:43 PM Suricata Feature #3688 (Feedback): Re-implement fast_pattern:only; in some way
I've been working on updating the Suricata 5 ET/ETPRO set over the past few weeks to proper notation and it is very a... Jason Williams

02/26/2020

11:23 PM Suricata Bug #3505 (New): Negations on contents within the http_cookie buffer causes FN if no http_cookie is present
For the below http request:
> POST /wp-content/uploads/2020/02/phish/phish/process1.php HTTP/1.1
> Accept-Encodin...
Jason Williams

02/20/2020

10:45 PM Suricata Feature #3494: Keyword for determining if the http_host is an ip address
I typo'd the pcre from memory, but you know what i mean...
pcre:"/^(?:\d{1,3}\.){3}\d{1,3}(?:\x3a\d{1,5})?$/W";
Jason Williams
10:43 PM Suricata Feature #3494 (New): Keyword for determining if the http_host is an ip address
In the ET ruleset in order to express the fact that http communications are going to an IP address rather than a host... Jason Williams

04/14/2018

07:59 PM Suricata Feature #2488 (New): HTML Parsing / Buffers
We write a lot of signatures on the contents of html in file_data. It would be awesome to be able to do some parsing/... Jason Williams
07:46 PM Suricata Feature #2283: turn content modifiers into 'sticky buffers'
After some time thinking about this, perhaps the initial 'http_' portion of the buffer name is not needed?
our ru...
Jason Williams
06:53 PM Suricata Feature #2487 (New): Buffers for field/value pairs in http_uri and http_client_body
We've found http_header_names to be one of our favorite new 4.0 buffers and would like to see if we could carry over ... Jason Williams
06:43 PM Suricata Feature #2486 (Assigned): prefilter/fast_pattern logic for flowbits
It would be useful to have a way to indicate that a rule with a flowbit check should only be checked in the event tha... Jason Williams

04/05/2018

07:22 PM Suricata Bug #2479 (New): http_cookie negation fails if no cookie in traffic
Given the below example rule where we are looking for a HTTP POST with a http_cookie negation:... Jason Williams

Also available in: Atom