Profile

Philippe Antoine

  • Login: catenacyber
  • Registered on: 01/25/2018
  • Last connection: 07/23/2021

Issues

                 open  closed  Total
Assigned issues    24     132    156
Reported issues    12      85     97

Projects

Project          Roles                 Registered on
Suricata         Developer, OISF Team  12/05/2018
Suricata-Update  Developer, OISF Team  12/05/2018

Activity

07/27/2021

07:55 PM Suricata Bug #4171 (Closed): Failed assert in TCPProtoDetectCheckBailConditions size_ts > 1000000UL
https://github.com/OISF/suricata/pull/6244
Philippe Antoine

07/23/2021

03:25 PM Suricata Bug #3323: ipv6 evasions
For parasite6, ie the IPv6 version of an ARP cache poisoning, we could have an alert if we see 2 packets @icmpv6.type...
Philippe Antoine

07/21/2021

07:50 AM Suricata Bug #4273: protodetect: SEGV due to NULL ptr deref
Oh, but I see @flags=41@ in the stack trace, that means @STREAM_START | STREAM_MIDSTREAM@ but no @STREAM_DEPTH@
I ...
Philippe Antoine

07/20/2021

08:38 AM Suricata Bug #3323: ipv6 evasions
flood advertise6 is interesting.
It is a pure DOS : just send many spoofed messages so that Suricata allocates many ...
Philippe Antoine
08:06 AM Suricata Bug #3323: ipv6 evasions
So, global status :
- covert send6 : S-V PR https://github.com/OISF/suricata-verify/pull/518
- denial6-1, 2, 3, 4, 7 ...
Philippe Antoine
07:54 AM Suricata Bug #3323: ipv6 evasions
That comment about dos new ipv6 goes also for fake mldrouter advertise
Philippe Antoine
07:49 AM Suricata Bug #3323: ipv6 evasions
I do not understand the Chiron attack.
dos new ipv6 is about spoofing. The way to detect this would be to have a r...
Philippe Antoine

07/19/2021

03:21 PM Suricata Bug #3323: ipv6 evasions
So, here is what I gather from denial6-6
Paper says
> It detects the denial6-6 attack that Suricata missed and wa...
Philippe Antoine

07/14/2021

07:55 AM Suricata Task #4067: http2: overload existing http keywords to support http/2
After https://github.com/OISF/suricata/pull/6183
There will be the following questions where we want the opinion of ...
Philippe Antoine

07/12/2021

04:13 PM Suricata Bug #4273: protodetect: SEGV due to NULL ptr deref
It looks to me that to trigger this bug, we need :
- a gap at the stream start
- reach the stream depth
- and @Che...
Philippe Antoine
