Open Information Security Foundation

04/16/2018

11:04 AM Suricata Bug #2490: Filehash rule does not fire without filestore keyword

Oops, missed the actual commands leading to the with-filestore execution:...

11:01 AM Suricata Bug #2490 (New): Filehash rule does not fire without filestore keyword

I was testing some filehash rules and encountered an issue where suricata alert does not fire without filestore keywo...

04/07/2017

07:43 AM Suricata Bug #2090: Rule-reload in multi-tenancy is buggy

suricata.log when run with -vv...

06:37 AM Suricata Bug #2090: Rule-reload in multi-tenancy is buggy

From debian sources, detect-engine.c:1228 looks to be...

06:22 AM Suricata Bug #2090 (Closed): Rule-reload in multi-tenancy is buggy

Observed version 3.2.1-1 (Debian Stretch)
I have observed several failure cases when performing rule reloads in mu...

10/05/2016

03:33 AM Suricata Bug #1911 (New): Commandline provided configuration values don't persist after initial startup

When using --set key=value commandline arguments to set some configuration parameters on startup, it seems that those...

08/27/2015

03:36 AM Suricata Feature #1535 (Closed): Expose the certificate itself in TLS-lua

Current development version of TLS-lua only exposes certificate metadata to lua scripts.
I propose a feature where...

07/23/2015

09:05 AM Suricata Feature #1514 (Closed): SSH softwareversion regex should allow colon

Trojaned PuTTY builds have become more common recently, one method to catch some of them is to look for the version s...

03/30/2015

09:39 AM Suricata Bug #1435: EVE-Log alert payload option loses data

And here's the output section regarding EVE-log...

08:00 AM Suricata Bug #1435 (Closed): EVE-Log alert payload option loses data

It would seem that EVE-Log alert payload loses data before/during payload->base64 conversion. Below is an excerpt fro...