Open Information Security Foundation

02/04/2025

07:47 PM Suricata Feature #7471 (In Progress): detect/ldap: add ldap.distinguished_name keywords for request and response

https://github.com/OISF/suricata/pull/12529 Philippe Antoine

02/02/2025

07:45 PM Suricata Feature #7539: detect: add keyword ldap.mod_dn_request.new_rdn

This is a sticky buffer Philippe Antoine

07:44 PM Suricata Feature #7538: detect: keyword ldap.modify_request.operation

This is an enumeration, right ? Philippe Antoine

07:43 PM Suricata Feature #7536: detect: add keywords for BindRequest

ldap.bind_request.authentication is an enum + an octet string... Philippe Antoine

07:42 PM Suricata Feature #7534: detect: add ldap.request.message_id and ldap.responses.message_id

Actually not sure if it should be directional for this one... Philippe Antoine

07:39 PM Suricata Feature #7532: detect: add keywords for LDAPResult

There is no ldap.request.result_code it is only in responses right ? Philippe Antoine

07:38 PM Suricata Feature #7471: detect/ldap: add ldap.distinguished_name keywords for request and response

Could you please tell the json fields it maps to ? Philippe Antoine

01/29/2025

09:06 PM Suricata Bug #7523 (In Review): rules/prefilter: prefilter keyword ignored when in content rule

https://github.com/OISF/suricata/pull/12493 Philippe Antoine

07:27 PM Suricata Feature #511 (Closed): Port indepedent protocol identification (nDPI)

Now in progress in #7231 Philippe Antoine

01/28/2025

03:41 PM Suricata Optimization #7529 (In Review): detect/dns: move wrapper code from C to rust

https://github.com/OISF/suricata/pull/12496 Philippe Antoine