Matt Carothers
- Login: matt
- Registered on: 11/09/2012
- Last connection: 10/29/2014
Issues
| open | closed | Total | |
|---|---|---|---|
| Assigned issues | 0 | 1 | 1 |
| Reported issues | 0 | 3 | 3 |
Activity
10/29/2014
- 02:59 PM Suricata Bug #1190: http_header keyword not matching when SYN|ACK and ACK missing
- Thanks, Victor. The latest version from git now functions correctly for the case of the missing SYN|ACK and ACK. Th...
10/23/2014
- 07:21 PM Suricata Bug #1190: http_header keyword not matching when SYN|ACK and ACK missing
- I could have sworn I attached a pcap to the original report. This pcap should trigger both rules, but it only trigge...
- 07:15 PM Suricata Bug #1190: http_header keyword not matching when SYN|ACK and ACK missing
- Sorry Victor, I totally missed your reply. I tested again today from git, and the bug still exists.
05/07/2014
- 01:36 PM Suricata Bug #1190 (Closed): http_header keyword not matching when SYN|ACK and ACK missing
- When using async-oneside and midstream, the http_header keyword does not function in some cases. Example rules:
a...
03/27/2014
- 01:08 PM Suricata Feature #1155: Log packet payloads in eve alerts
- Victor Julien wrote:
> Making logging depending on rules is a very different subject, and certainly non-trivial. As ... - 01:08 PM Suricata Feature #1155: Log packet payloads in eve alerts
- Oops, wrong patch file. Let's try this again.
- 12:45 PM Suricata Feature #1155 (Closed): Log packet payloads in eve alerts
- Log packet payloads and full packets in JSON alert output.
* Payload should be printable strings and newlines only...
11/12/2012
- 12:10 PM Suricata Bug #623: 1.4b2 core dump with pf_ring and PAE kernel
- Eric Leblond wrote:
> OK. It looks like a PF_RING issue as the crash occurs inside pf_ring_open.
>
> What is the ... - 10:01 AM Suricata Bug #623: 1.4b2 core dump with pf_ring and PAE kernel
- Sure, here you go: https://dl.dropbox.com/u/97846692/suricata-1.4b2-pfring.tar.bz2
That's Suricata itself as well ... - 08:26 AM Suricata Bug #623: 1.4b2 core dump with pf_ring and PAE kernel
- Oh, and the interfaces are not bridged. They are load balanced, however. Both interfaces will see traffic from the ...
Also available in: Atom