Antti Tönkyrä

11:04 AM Suricata Bug #2490: Filehash rule does not fire without filestore keyword: Oops, missed the actual commands leading to the with-filestore execution:... Antti Tönkyrä
11:01 AM Suricata Bug #2490 (New): Filehash rule does not fire without filestore keyword: I was testing some filehash rules and encountered an issue where suricata alert does not fire without filestore keywo... Antti Tönkyrä

07:43 AM Suricata Bug #2090: Rule-reload in multi-tenancy is buggy: suricata.log when run with -vv... Antti Tönkyrä
06:37 AM Suricata Bug #2090: Rule-reload in multi-tenancy is buggy: From debian sources, detect-engine.c:1228 looks to be... Antti Tönkyrä
06:22 AM Suricata Bug #2090 (Closed): Rule-reload in multi-tenancy is buggy: Observed version 3.2.1-1 (Debian Stretch)
I have observed several failure cases when performing rule reloads in mu... Antti Tönkyrä

03:33 AM Suricata Bug #1911 (New): Commandline provided configuration values don't persist after initial startup: When using --set key=value commandline arguments to set some configuration parameters on startup, it seems that those... Antti Tönkyrä

03:36 AM Suricata Feature #1535 (Closed): Expose the certificate itself in TLS-lua: Current development version of TLS-lua only exposes certificate metadata to lua scripts.
I propose a feature where... Antti Tönkyrä

09:05 AM Suricata Feature #1514 (Closed): SSH softwareversion regex should allow colon: Trojaned PuTTY builds have become more common recently, one method to catch some of them is to look for the version s... Antti Tönkyrä

09:39 AM Suricata Bug #1435: EVE-Log alert payload option loses data: And here's the output section regarding EVE-log... Antti Tönkyrä
08:00 AM Suricata Bug #1435 (Closed): EVE-Log alert payload option loses data: It would seem that EVE-Log alert payload loses data before/during payload->base64 conversion. Below is an excerpt fro... Antti Tönkyrä

Also available in: Atom

Open Information Security Foundation