General

Profile

David Wharton

  • Login: dwharton
  • Registered on: 03/16/2013
  • Last sign in: 01/06/2021

Issues

open closed Total
Assigned issues 0 0 0
Reported issues 4 9 13

Activity

01/06/2021

04:14 AM Suricata Bug #4225: SC_ERROR_CONF_YAML_ERROR anomaly logger error when in socket mode
I was about to report this but Brandon beat me to it.
When Suricata starts in socket mode, OutputAnomalyLoggerEnab...
David Wharton

02/12/2020

03:24 AM Suricata Bug #3467 (Closed): Alert metadata not present in EVE output when using Socket Control Pcap Processing Mode
Suricata has long supported the "metadata" keyword in rules and since version 4.1, has included the metatdata informa... David Wharton

01/26/2020

06:39 AM Suricata Bug #3448 (Closed): Suricata 4.1 Seg Fault: Socket Control pcap-file and corrupt pcap
Suricata 4.1 (tested on 4.1.5 and 4.1.6) seg faults when using socket control, and sending the "pcap-file" command wi... David Wharton

01/06/2020

07:24 PM Suricata Bug #3436 (New): Suricata Socket Control crashing using command 'reopen-log-files'
Creating per Victor's request.
Suricata is core dumping and seg faulting when calling the socket control command "...
David Wharton

03/21/2019

12:21 PM Suricata Support #2890: HTTP alert isn't triggered when writing ".." as part of the scanned URI
This isn't a bug, it is expected and desired behavior.
The 'http_uri' buffer is a normalized buffer which means th...
David Wharton

11/17/2018

12:44 AM Suricata Feature #2689: http: Normalized HTTP client body buffer
This could possibly be implemented as a transform but seems more natural to treat similar to the http_uri normalized ... David Wharton
12:23 AM Suricata Feature #2689 (Closed): http: Normalized HTTP client body buffer
Currently the 'http_uri' buffer is normalized. This is a request to extend the same normalization (URI decode) to th... David Wharton

11/12/2018

02:29 PM Suricata Feature #2670 (Closed): tls_cert sticky buffer
*Feature Request:*
_tls_cert_ sticky buffer for the entire parsed out SSL certificate.
*Notes:*
* Similar to o...
David Wharton
02:13 PM Suricata Feature #1249: http/dns ip-reputation alike technique
I agree that having DNS Reputation would be valuable. It could be called "dnsrep" since it would be like iprep but f... David Wharton

09/12/2018

02:46 PM Suricata Feature #2311: math on extracted values
While Suricata has matured to the point where it should be defining IDS rule capabilities instead of reacting to othe... David Wharton

Also available in: Atom