- Email: email@example.com
- Registered on: 10/11/2012
- Last connection: 08/09/2017
- Suricata (Developer, 06/24/2014)
- 04:04 PM Suricata Feature #2192: JA3 TLS client fingerprinting
- JA3 looks cool. It would probably not be that much job to add it. I'll be willing to implement it. I'm thinking:
- 07:41 AM Suricata Revision 23f8cc4a: app-layer-tls: don't decode client certificates
- Decoding client certificate overwrites the validity dates from the
server certificate, so we therefore don't decode i...
- 03:43 AM Suricata Revision 72c75743: app-layer: add decoder event for missing TLS after STARTTLS
- 03:43 AM Suricata Revision 11b9e6fd: app-layer-ftp: add STARTTLS support
- 03:43 AM Suricata Revision 8125f78f: app-layer-ftp: detect FTP alproto when using AUTH TLS
- Try to detect FTP using the patterns '220 (' and 'FEAT', since 'USER '
and 'PASS ' are not sent in cleartext when usi...
- 03:43 AM Suricata Revision 74aa6507: output-json-tls: log 'from_proto' field
- Log the original application level protocol when protocol have been
changed because of STARTTLS, HTTP CONNECT or simi...
- 03:43 AM Suricata Revision e8800b18: app-layer-smtp: add STARTTLS support
- 03:43 AM Suricata Revision b6c2b705: app-layer-htp: add HTTP CONNECT support
- 03:43 AM Suricata Revision b8d13f35: app-layer: support changing flow alproto
- Support changing the application level protocol for a flow. This is
needed by STARTTLS and HTTP CONNECT to switch fro...
- 09:19 AM Suricata Revision 8b9f84bf: doc: add documentation for date modifiers in eve-log
Also available in: Atom