General

Profile

Brandon Murphy

  • Login: zoomequipd
  • Registered on: 09/17/2019
  • Last connection: 03/01/2024

Issues

open closed Total
Assigned issues 1 0 1
Reported issues 28 25 53

Activity

Today

12:38 AM Suricata Feature #6823 (New): SC_WARN_POOR_RULE on to_lowercase/to_uppercase transformation with non-possible matching content
Came across this error today which detected uppercase letters in a buffer that is normalized to lowercase.
Would ...
Brandon Murphy

02/14/2024

11:02 PM Suricata Bug #6483: http.request_headers - odd behavior with multiple signtures
Confirmed. I'm not able to reproduce this behavior on 8.0.0-dev (41a621178 2024-02-14) or 7.0.3
Brandon Murphy
07:20 PM Suricata Documentation #6781 (New): http keywords lacking information about values from duplicate headers being concatenated
h3. Context and Current Behavior
Currently there are three places within the documentation that explains a conditi...
Brandon Murphy

02/13/2024

08:26 PM Suricata Bug #6779 (New): http.header_names behavior when encountering duplicate header names
h3. Recreation and Context:
Consider the attached pcap which contains the following HTTP Request. Take note of t...
Brandon Murphy

02/09/2024

02:05 PM Suricata Bug #6736: http.request_header and http.response_header behavior with HTTP1 traffic
Victor Julien wrote in #note-5:
> This has been fixed in 7.0.3 as part of work around #6441.
is 6441 a private is...
Brandon Murphy

01/18/2024

06:08 PM Suricata Documentation #6694 (New): placement of bitmask note about right shift behavior
Brandon Murphy
06:08 PM Suricata Documentation #6694 (New): placement of bitmask note about right shift behavior
byte_test has a snippet bout the right shift in the main keyword doc
https://docs.suricata.io/en/latest/rules/payloa...
Brandon Murphy
06:03 PM Suricata Feature #6693 (New): byte_jump - add support for bitmask option
documentation for the byte_jump keyword includes an optional "bitmask" operation.
however, in looking through th...
Brandon Murphy

01/05/2024

06:37 PM Suricata Feature #2695: websocket support
I could have sworn I replied to this yeterday, but can't find it...
Philippe Antoine wrote in #note-32:
> > ...
Brandon Murphy
06:23 PM Suricata Feature #6290: support case insensitive testing of HTTP header name existence
Is this eligible for backport into 7? Brandon Murphy

Also available in: Atom