Open Information Security Foundation

05/28/2021

09:34 AM Suricata Bug #4503 (Closed): Buffer overflow in "by_rule" threshold context

Several servers running Suricata has been crashing occasionally. I managed to get a PCAP file reproducing the bug on ... Mats Klepsland

01/28/2020

06:30 PM Suricata Feature #3293: eve: per thread output files

Jeff Lucovsky wrote:
> @mats Will you be able to work on this issue? If not, I'd be happy to pick it up.
Hi, Jeff... Mats Klepsland

09/13/2019

09:46 PM Suricata Bug #3162 (Closed): TLS Lua output does not work without TLS log

It seems that the TLS Lua output logger is not registered, causing it to not work unless TLS log is enabled. This wil... Mats Klepsland

03/29/2019

01:18 PM Suricata Bug #2907 (Closed): Sometimes TLS Logs are missing

Mats Klepsland

01:18 PM Suricata Bug #2907 (Resolved): Sometimes TLS Logs are missing

I'm glad to hear that. Thanks for letting me know that it solved your problem :) Mats Klepsland

08:50 AM Suricata Bug #2907: Sometimes TLS Logs are missing

I took a look at the pcap's and it seems that most of them have packets with invalid checksums. They might have been ... Mats Klepsland

01/18/2019

04:45 PM Suricata Bug #2762: SSLv3 - AddressSanitizer heap-buffer-overflow

I have confirmed that I can replicate the bug. I'll take a closer look as soon as possible. Mats Klepsland

11/21/2018

11:57 AM Suricata Feature #2698: hassh and hasshServer for ssh fingerprinting

The JA3 equivalent for SSH is called hassh (and hasshServer for JA3s):
https://github.com/salesforce/hassh
It wou... Mats Klepsland

11/16/2018

10:04 PM Suricata Feature #2684: Add JA3S

Preview implemented in:
https://github.com/OISF/suricata/pull/3547 Mats Klepsland

11/13/2018

05:46 PM Suricata Feature #2670: tls_cert sticky buffer

Of course, Victor! :) Mats Klepsland