Brandon Murphy
- Login: zoomequipd
- Registered on: 09/17/2019
- Last sign in: 04/26/2024
Issues
open | closed | Total | |
---|---|---|---|
Assigned issues | 0 | 0 | 0 |
Reported issues | 34 | 27 | 61 |
Activity
04/20/2024
- 10:50 PM Suricata Bug #6424: HTTP/2 - http.host behavior when both :authority pseudo header and host header are present
- assigning to OISF Dev
- 10:31 PM Suricata Feature #6823 (Rejected): SC_WARN_POOR_RULE on to_lowercase/to_uppercase transformation with non-possible matching content
- i think this might already be a thing, but not the warning, it actually doesn't load the rule...
04/18/2024
- 03:43 AM Suricata Bug #6779: http.header_names behavior when encountering duplicate header names
- I would think that there should be _some_ way to detect duplicate header names. but maybe that's just http.header.raw...
04/16/2024
- 02:24 AM Suricata Bug #6959 (Closed): improve handling of content encoding: gzip but request_body not actually compressed
- Looking for a little help here.
h3. Context
We have a rule (simplified here) designed to alert on traffic cont...
04/11/2024
- 01:41 PM Suricata Feature #4226: bsize: apply as depth to patterns
- Jeff Lucovsky wrote in #note-15:
> Thanks; the urilen is 42; with that change, all 3 rules are evaluated.
Correct...
04/09/2024
- 03:32 PM Suricata Feature #4226: bsize: apply as depth to patterns
- Jeff Lucovsky wrote in #note-11:
> Do you have a pcap the urilen rule example will trigger on?
I do! Took me awhile ... - 01:04 PM Suricata Feature #4226: bsize: apply as depth to patterns
- Jeff Lucovsky wrote in #note-11:
> If bsize setting is the exact length of a pattern, apply startwith/endswith logic...
04/07/2024
- 03:42 PM Suricata Feature #4226: bsize: apply as depth to patterns
- FWIW, we have observed similar "oddness" within the profiler since the creation of this ticket. We have noticed it e...
04/06/2024
- 11:25 PM Suricata Feature #6926 (New): new buffer that includes HTTP headers and the start of HTTP body
- When reviewing many rules which contain unbuffered content matches a common pattern of matching on the end of the HTT...
- 09:26 PM Suricata Feature #5775: http.headers - dynamic sticky buffers
- When writing #6925 I considered that it might be worth allowing these dynamic sticky buffers to support multi-buffer ...
Also available in: Atom