General

Profile

Mats Klepsland

Issues

Projects

Activity

01/18/2019

04:45 PM Suricata Bug #2762: SSLv3 - AddressSanitizer heap-buffer-overflow
I have confirmed that I can replicate the bug. I'll take a closer look as soon as possible. Mats Klepsland

11/21/2018

11:57 AM Suricata Feature #2698: hassh and hasshServer for ssh fingerprinting
The JA3 equivalent for SSH is called hassh (and hasshServer for JA3s):
https://github.com/salesforce/hassh
It wou...
Mats Klepsland

11/16/2018

10:04 PM Suricata Feature #2684: Add JA3S
Preview implemented in:
https://github.com/OISF/suricata/pull/3547
Mats Klepsland

11/13/2018

05:46 PM Suricata Feature #2670: tls_cert sticky buffer
Of course, Victor! :) Mats Klepsland

10/16/2018

08:40 PM Suricata Optimization #2592: document ssl_version keyword
I'll take this one. Mats Klepsland
06:47 PM Suricata Optimization #2591: document ssh keywords
I'll document this one. Mats Klepsland

08/09/2017

04:04 PM Suricata Feature #2192: JA3 TLS client fingerprinting
JA3 looks cool. It would probably not be that much job to add it. I'll be willing to implement it. I'm thinking:
* ...
Mats Klepsland

04/06/2017

02:31 AM Suricata Feature #2011: eve.alert: print outside IP addresses on alerts on traffic inside tunnels
Implemented in https://github.com/inliniac/suricata/pull/2566 Mats Klepsland
02:29 AM Suricata Feature #1998: eve.tls: custom TLS logging
Implemented in https://github.com/inliniac/suricata/pull/2580 Mats Klepsland
02:28 AM Suricata Feature #2006: tls: decode certificate serial number
Implemented in https://github.com/inliniac/suricata/pull/2589 Mats Klepsland

Also available in: Atom