- Login: daedalus
- Email: email@example.com
- Registered on: 09/29/2014
- Last connection: 10/08/2020
- 10:19 AM Suricata Bug #4063: rdata field not included in DNS log for NS rrtype
- PR @ https://github.com/OISF/suricata/pull/5478
- 10:16 AM Suricata Bug #4063 (In Review): rdata field not included in DNS log for NS rrtype
- I believe this is a regression that was introduced at some point (possibly when DNS parsing moved to rust). Current c...
- 10:45 AM Suricata Bug #3783 (Closed): Stack overflow in DetectFlowbitsAnalyze
- When doing torture tests, I discovered a stack overflow in DetectFlowbitsAnalyze. I have made a PR to github @ https:...
- 05:01 PM Suricata Bug #3771: Extreme performance degradation when doing IP-only rules with flow-keyword
- My observations (which can be false, please double-check; I'm not really an expert on detect code :)
With "almost ...
- 03:32 PM Suricata Bug #3771 (New): Extreme performance degradation when doing IP-only rules with flow-keyword
- I did a brief test and found out an issue when doing large sets of IP-only rules.
Following IP-only rules seem to...
- 02:00 PM Suricata Bug #3354: eve-log dns (possibly others) alerts miss metadata for all but first packet
- I'm not sure if the correct fix would be to add looking up TX like we do in stateless sigs at https://github.com/OISF...
- 11:03 AM Suricata Bug #3354: eve-log dns (possibly others) alerts miss metadata for all but first packet
- Sure, https://github.com/OISF/suricata-verify/pull/160
- 12:52 PM Suricata Bug #3354 (Feedback): eve-log dns (possibly others) alerts miss metadata for all but first packet
- It looks like eve-log alerts are slightly broken/miss metadata for DNS (might affect other protocols too).
- 05:32 PM Suricata Bug #3099 (Closed): Weird handling of IKEv2 flows when alerts happen
- IKEv2 parser in its current state makes it possible to cause a slight denial-of-service condition to single suricata ...
- 11:36 PM Suricata Bug #2490: Filehash rule does not fire without filestore keyword
- Okay verified the same behavior on freshly compiled 4.1.4 too.
Also available in: Atom