Open Information Security Foundation

11/17/2024

06:45 PM Suricata Bug #7397 (In Review): list-keywords command line option is crashing

When using Suricata master to list the keywords available, it is crashing.... Eric Leblond

11/07/2024

08:23 PM Suricata Feature #7372 (In Review): Datajson: a dataset evolution

Indicator of Compromises (IOCs) are a key element in Security Operating Center. Dataset
have been a huge step in get... Eric Leblond

10/30/2024

09:12 AM Suricata Bug #7357: filestore keyword option seems not to work

In https://github.com/OISF/suricata-verify/pull/2111 filestore-v2.11-with-option is testing the problem. Eric Leblond

09:11 AM Suricata Bug #7356: Unexpected effect of filestore keyword

In https://github.com/OISF/suricata-verify/pull/2111 filestore-v2.10-wrong-direction is testing this problem. Eric Leblond

10/29/2024

09:19 PM Suricata Bug #7357 (In Progress): filestore keyword option seems not to work

Eric Leblond

05:24 PM Suricata Bug #7357 (In Progress): filestore keyword option seems not to work

with the same condition described in https://redmine.openinfosecfoundation.org/issues/7356, it seems we have problem ... Eric Leblond

05:20 PM Suricata Bug #7356 (New): Unexpected effect of filestore keyword

If we take the two following signatures on a pcap file where exe file are downloaded over http, then the first one (s... Eric Leblond

05:16 PM Suricata Documentation #7355 (New): Non working signatures in filestore explanation

On https://docs.suricata.io/en/latest/file-extraction/file-extraction.html
There is a series of example on the ext... Eric Leblond

10/28/2024

06:29 PM Suricata Bug #7346: eve/fileinfo: sha256 should not be logged on incomplete file

I think we can close this. Getting file even truncated for analysis is interesting.
Sorry for the noise. Eric Leblond

10/26/2024

12:07 PM Suricata Bug #7347 (In Review): eve/alert: log file_data

As transformation occurs on stream data when it becomes file data, it may not be trivial for the analyst to understan... Eric Leblond