Antti Tönkyrä

Activity

04/16/2018

11:04 AM Suricata Bug #2490: Filehash rule does not fire without filestore keyword
Oops, missed the actual commands leading to the with-filestore execution:...
11:01 AM Suricata Bug #2490 (New): Filehash rule does not fire without filestore keyword
I was testing some filehash rules and encountered an issue where suricata alert does not fire without filestore keywo...

03/20/2018

10:27 AM Suricata Revision d6a98aa1: stream-tcp: add counters for midstream pickups
If midstream pickups are enabled this will help in discovering how
many midstream pickups are being done by Suricata.

04/07/2017

07:43 AM Suricata Bug #2090: Rule-reload in multi-tenancy is buggy
suricata.log when run with -vv...
06:37 AM Suricata Bug #2090: Rule-reload in multi-tenancy is buggy
From debian sources, detect-engine.c:1228 looks to be...
06:22 AM Suricata Bug #2090 (New): Rule-reload in multi-tenancy is buggy
Observed version 3.2.1-1 (Debian Stretch)
I have observed several failure cases when performing rule reloads in mu...

10/05/2016

03:33 AM Suricata Bug #1911 (New): Commandline provided configuration values don't persist after initial startup
When using --set key=value commandline arguments to set some configuration parameters on startup, it seems that those...

08/27/2015

03:36 AM Suricata Feature #1535 (Closed): Expose the certificate itself in TLS-lua
Current development version of TLS-lua only exposes certificate metadata to lua scripts.
I propose a feature where...

07/23/2015

09:05 AM Suricata Feature #1514 (Closed): SSH softwareversion regex should allow colon
Trojaned PuTTY builds have become more common recently, one method to catch some of them is to look for the version s...

03/30/2015

09:39 AM Suricata Bug #1435: EVE-Log alert payload option loses data
And here's the output section regarding EVE-log...
