General

Profile

Francis Trudeau

Issues

open closed Total
Assigned issues 0 1 1
Reported issues 1 12 13

Activity

06/24/2020

05:12 PM Suricata Bug #3780 (Rejected): Negated content with distance FP
The following signature:
alert udp any any -> any any (msg:"Negated content with distance test"; content:"|C0 0C 0...
Francis Trudeau

05/04/2020

06:36 PM Suricata Bug #3691 (Closed): strip_whitespace doesn't strip_whitespace
strip_whitespace appears to do nothing. Given the following rule:... Francis Trudeau

04/16/2020

08:31 PM Suricata Bug #3616: strip_whitespace causes FN
After Peter and I mucking with this we found that _strip_whitespace_ rules work, if no other rule has _file_data_ wit... Francis Trudeau

04/07/2020

03:22 PM Suricata Bug #3616: strip_whitespace causes FN
Peter Manev wrote in #note-3:
> Yes, was thinking if it would make a diff - however - either way it alerts on my lo...
Francis Trudeau
12:18 AM Suricata Bug #3616 (Closed): strip_whitespace causes FN
Tested in version 6.0.0-dev (ed8f48b05 2020-04-06), 5.0.2, 4.1.7.
The following sigs do NOT fire on the attached p...
Francis Trudeau

07/30/2019

06:34 PM Suricata Bug #3101 (Closed): Suricata not using 'default-log-dir' in YAML
Suricata latest ran without -l doesn't log to the directory set in the YAML:... Francis Trudeau

12/28/2017

11:22 AM Suricata Bug #2395: File_data inspection depth while inspecting base64 decoded data
That I do not know. I'll see what I can find out.
Bryant Smith wrote:
> So I added your filestore signature to...
Francis Trudeau

12/27/2017

07:19 PM Suricata Bug #2395: File_data inspection depth while inspecting base64 decoded data
Bryant Smith wrote:
> Here is what I have for those values. Most of what is in my yaml file is default. Would ther...
Francis Trudeau
11:02 AM Suricata Bug #2395: File_data inspection depth while inspecting base64 decoded data
Your unmodified rule fires for me here:... Francis Trudeau

12/05/2017

05:28 PM Suricata Bug #2333: Suricata doesn't see http traffic as http traffic in wierd proxy
Victor Julien wrote:
> So this is not valid HTTP as the server and client have switched places. I don't think Surica...
Francis Trudeau

Also available in: Atom