General

Profile

Will Metcalf

Issues

Projects

Activity

08/05/2014

11:55 AM Suricata Optimization #1242: Huge performance decrease with /dev/zero traffic
We can add a set of Nulls preceding the windows match which should improve perf. Seems present in all samples.

05/02/2014

04:55 AM Suricata Revision 26169ad8: Look for Mismatched Encrypted HB request and response sizes, along with multip...

11/23/2013

07:40 AM Suricata Optimization #1044 (Closed): TLS buffers evaluated by fast_pattern matcher.
As far as I can tell tls.* buffers are not evaluated by the fast_pattern matcher. If this is correct is there a reaso...

11/19/2013

04:20 PM Suricata Feature #885: smtp file_data support
This has been TBD'd?!?! Wheres Peter? I need a shoulder to cry on. We need this.

10/26/2013

05:50 AM Suricata Feature #1010: dns fuzzer
http://nmap.org/nsedoc/scripts/dns-fuzz.html

10/23/2013

05:25 AM Suricata Feature #1008 (Closed): Optionally have http_uri buffer start with uri path for use in proxied en...
We need a toggle in the libhtp config to have the http_uri buffer point to the beginning of the URI path for proxied ...

09/11/2013

07:46 AM Suricata Bug #951 (Closed): Rule performance stats sort by "ticks" is not properly ordered.
profiling:
rules:
enabled: yes
filename: perf.txt
append: yes
sort: ticks
--------------...

03/22/2013

08:58 PM Suricata Feature #783 (New): LuaJIT be able to return various messages for a single script.
Using the following example script we do the following detections and more inside of JAR files
https://github.com...

12/05/2012

11:42 AM Suricata Feature #663 (Closed): LuaJIT relative matches
It would be very helpful to have relative matches for LuaJIT. The gmatch iterator in Lua seems rather slow, so it wou...
11:02 AM Suricata Feature #593: luajit: per flow vars and ints
Actually I thought I had mentioned flowvar access here as well but I had not. Being able to set/check flowvars in add...

Also available in: Atom