General

Profile

Jeff Lucovsky

  • Registered on: 02/18/2019
  • Last connection: 06/15/2019

Issues

Projects

Activity

07/17/2019

03:10 PM Suricata Optimization #3077: FTP parser command lookup
Also, address this comment from the FTP logging PR https://github.com/OISF/suricata/pull/3967#discussion_r302236153
...
Jeff Lucovsky
02:46 PM Suricata Bug #3093 (New): FTP logging needs suricata-verify tests
The FTP logging feature should have suricata-verify tests Jeff Lucovsky

07/06/2019

02:30 PM Suricata Optimization #3077 (Assigned): FTP parser command lookup
The FTP parser should use mpm when looking for commands instead of performing a linear search over the command coordi... Jeff Lucovsky

07/02/2019

10:12 PM Suricata Feature #2958: Suricata 5.0.0beta1 and way too much anomaly logging
We will be working to mitigate log volume by extending the anomaly configuration with the following toggles; each tog... Jeff Lucovsky
09:55 PM Suricata Optimization #2991 (Resolved): app-layer-event keyword tx handling
Fixed in https://github.com/OISF/suricata/pull/3950 Jeff Lucovsky
09:55 PM Suricata Bug #2942 (Resolved): anomaly log: app layer events
Fixed in https://github.com/OISF/suricata/pull/3950 Jeff Lucovsky
09:54 PM Suricata Feature #2941 (Resolved): anomaly log: add protocol detection events
Fixed in https://github.com/OISF/suricata/pull/3950 Jeff Lucovsky

06/27/2019

07:38 PM Suricata Bug #2978: IRC traffic parsed by FTP
We are not able to share this pcap file. Jeff Lucovsky

05/11/2019

04:57 PM Suricata Feature #2958: Suricata 5.0.0beta1 and way too much anomaly logging
Here are some possible directions for reducing anomaly log activity:
Options:
* Rate limit log records. Use a mec...
Jeff Lucovsky

05/09/2019

10:48 PM Suricata Bug #2978 (New): IRC traffic parsed by FTP
Some IRC traffic is being parsed by the FTP parser.
There is a (private) pcap that demonstrates the problem.
Jeff Lucovsky

Also available in: Atom