General

Profile

Brandon Murphy

  • Login: zoomequipd
  • Registered on: 09/17/2019
  • Last sign in: 04/26/2024

Issues

open closed Total
Assigned issues 0 0 0
Reported issues 34 27 61

Activity

04/20/2024

10:50 PM Suricata Bug #6424: HTTP/2 - http.host behavior when both :authority pseudo header and host header are present
assigning to OISF Dev Brandon Murphy
10:31 PM Suricata Feature #6823 (Rejected): SC_WARN_POOR_RULE on to_lowercase/to_uppercase transformation with non-possible matching content
i think this might already be a thing, but not the warning, it actually doesn't load the rule... Brandon Murphy

04/18/2024

03:43 AM Suricata Bug #6779: http.header_names behavior when encountering duplicate header names
I would think that there should be _some_ way to detect duplicate header names. but maybe that's just http.header.raw... Brandon Murphy

04/16/2024

02:24 AM Suricata Bug #6959 (Closed): improve handling of content encoding: gzip but request_body not actually compressed
Looking for a little help here.
h3. Context
We have a rule (simplified here) designed to alert on traffic cont... Brandon Murphy

04/11/2024

01:41 PM Suricata Feature #4226: bsize: apply as depth to patterns
Jeff Lucovsky wrote in #note-15:
> Thanks; the urilen is 42; with that change, all 3 rules are evaluated.
Correct... Brandon Murphy

04/09/2024

03:32 PM Suricata Feature #4226: bsize: apply as depth to patterns
Jeff Lucovsky wrote in #note-11:
> Do you have a pcap the urilen rule example will trigger on?
I do! Took me awhile ... Brandon Murphy
01:04 PM Suricata Feature #4226: bsize: apply as depth to patterns
Jeff Lucovsky wrote in #note-11:
> If bsize setting is the exact length of a pattern, apply startwith/endswith logic... Brandon Murphy

04/07/2024

03:42 PM Suricata Feature #4226: bsize: apply as depth to patterns
FWIW, we have observed similar "oddness" within the profiler since the creation of this ticket. We have noticed it e... Brandon Murphy

04/06/2024

11:25 PM Suricata Feature #6926 (New): new buffer that includes HTTP headers and the start of HTTP body
When reviewing many rules which contain unbuffered content matches a common pattern of matching on the end of the HTT... Brandon Murphy
09:26 PM Suricata Feature #5775: http.headers - dynamic sticky buffers
When writing #6925 I considered that it might be worth allowing these dynamic sticky buffers to support multi-buffer ... Brandon Murphy

Also available in: Atom