Open Information Security Foundation

01/25/2023

03:31 PM Suricata Bug #5811: smb: tx logs sometimes have duplicate `tree_id` output

In addition to that I would also check if we read the correct tree_id.
In `smb-named-pipe-ascii-frames` we have th... Andreas Herz

03:08 PM Suricata Bug #5811: smb: tx logs sometimes have duplicate `tree_id` output

The reason for that is, that in `rust/src/smb.log.rs` we have an additional entry that is print in addition:... Andreas Herz

02:57 PM Suricata Bug #5811: smb: tx logs sometimes have duplicate `tree_id` output

Initial report at the forum, see https://forum.suricata.io/t/all-event-type-smb-events-have-double-tree-id-in-the-eve... Andreas Herz

02:56 PM Suricata Bug #5811 (Closed): smb: tx logs sometimes have duplicate `tree_id` output

We have those events even for some suricata-verify tests, so should be easy to reproduce and debug, see for example:
... Andreas Herz

01/17/2023

03:16 PM Suricata Bug #5756: datasets: ipv4.src/dst, ip.src/dst check rules match on pseudo packets

@vjulien do you have an example for that so I can try to reproduce and debug it? Andreas Herz

01/10/2023

10:39 AM Suricata Bug #5778: ftp fileinfo and extraction seem not to trigger when it should

I found another pcap with ftp-data where the file extraction is working, but not properly. It's octet-stream/data ins... Andreas Herz

12/13/2022

07:57 AM Suricata Bug #3075 (New): RX thread hang in pcap-file mode

Andreas Herz

07:54 AM Suricata Bug #3075 (In Progress): RX thread hang in pcap-file mode

Andreas Herz

10/14/2022

11:50 AM Suricata Bug #5576: Dataset is setting data despite the signature being a complete match

https://github.com/OISF/suricata-verify/pull/959 Andreas Herz

11:33 AM Suricata Bug #5576 (In Review): Dataset is setting data despite the signature being a complete match

The following rule doesn't match on the content of the pcap:... Andreas Herz