Open Information Security Foundation

04/13/2024

08:08 AM Suricata Bug #6956 (In Progress): mqtt: create PDU frames without regard to the parsing function

As recently discussed during the SIP TCP work [1], a PDU frame should be created regardless of whether the parsing fu... Giuseppe Longo

03/03/2024

05:34 PM Suricata Feature #6827 (In Progress): arp: implement decoder and logger

Let's add a decoder and logger for ARP protocol. Giuseppe Longo

02/28/2024

02:20 PM Suricata Feature #3351 (Closed): sip: parse traffic over tcp

Merged in https://github.com/OISF/suricata/pull/10522 Giuseppe Longo

12/13/2023

05:13 PM Suricata Feature #6627 (In Progress): SDP protocol: parser and logger

The SDP protocol is used by SIP to manage multimedia sessions. Giuseppe Longo

11/28/2023

08:33 PM Suricata Feature #3383: nflog: use mnl api

Victor would you consider these changes, or do you think it's not worth it?
PR: https://github.com/OISF/suricata/pul... Giuseppe Longo

08:27 PM Suricata Feature #3446: app-layer: implement MySQL parser

Do we want to try to get this parser merged in version 8?
I wrote some code a few years ago: https://github.com/glo... Giuseppe Longo

08:23 PM Suricata Feature #1199: protocol: LDAP support

I'd like to pick it up if nobody is currently working on it. Giuseppe Longo

09/23/2023

12:09 PM Suricata Feature #6374 (In Progress): Sticky buffers for sip headers

A common attack on sip servers consists of putting SQL injection or JS code into request headers.
Implementing stick... Giuseppe Longo

04/20/2023

09:22 PM Suricata Bug #5748: iprep/ipv6: memory leak on same input in different forms

Memory leak happens also with IPV4 addresses:... Giuseppe Longo

03/27/2023

02:54 PM Suricata Bug #5941 (Closed): DNS rules not matching when traffic is over tcp

I've found out that when dns traffic is over tcp and multiple dns rules are loaded,
they don't match when they shoul... Giuseppe Longo