David Wharton
- Login: dwharton
- Registered on: 03/16/2013
- Last sign in: 01/06/2021
Issues
open | closed | Total | |
---|---|---|---|
Assigned issues | 0 | 0 | 0 |
Reported issues | 4 | 9 | 13 |
Activity
01/06/2021
- 04:14 AM Suricata Bug #4225: SC_ERROR_CONF_YAML_ERROR anomaly logger error when in socket mode
- I was about to report this but Brandon beat me to it.
When Suricata starts in socket mode, OutputAnomalyLoggerEnab...
02/12/2020
- 03:24 AM Suricata Bug #3467 (Closed): Alert metadata not present in EVE output when using Socket Control Pcap Processing Mode
- Suricata has long supported the "metadata" keyword in rules and since version 4.1, has included the metatdata informa...
01/26/2020
- 06:39 AM Suricata Bug #3448 (Closed): Suricata 4.1 Seg Fault: Socket Control pcap-file and corrupt pcap
- Suricata 4.1 (tested on 4.1.5 and 4.1.6) seg faults when using socket control, and sending the "pcap-file" command wi...
01/06/2020
- 07:24 PM Suricata Bug #3436 (New): Suricata Socket Control crashing using command 'reopen-log-files'
- Creating per Victor's request.
Suricata is core dumping and seg faulting when calling the socket control command "...
03/21/2019
- 12:21 PM Suricata Support #2890: HTTP alert isn't triggered when writing ".." as part of the scanned URI
- This isn't a bug, it is expected and desired behavior.
The 'http_uri' buffer is a normalized buffer which means th...
11/17/2018
- 12:44 AM Suricata Feature #2689: http: Normalized HTTP client body buffer
- This could possibly be implemented as a transform but seems more natural to treat similar to the http_uri normalized ...
- 12:23 AM Suricata Feature #2689 (Closed): http: Normalized HTTP client body buffer
- Currently the 'http_uri' buffer is normalized. This is a request to extend the same normalization (URI decode) to th...
11/12/2018
- 02:29 PM Suricata Feature #2670 (Closed): tls_cert sticky buffer
- *Feature Request:*
_tls_cert_ sticky buffer for the entire parsed out SSL certificate.
*Notes:*
* Similar to o... - 02:13 PM Suricata Feature #1249: http/dns ip-reputation alike technique
- I agree that having DNS Reputation would be valuable. It could be called "dnsrep" since it would be like iprep but f...
09/12/2018
- 02:46 PM Suricata Feature #2311: math on extracted values
- While Suricata has matured to the point where it should be defining IDS rule capabilities instead of reacting to othe...
Also available in: Atom