Brandon Murphy
- Login: zoomequipd
- Registered on: 09/17/2019
- Last connection: 01/15/2023
Issues
open | closed | Total | |
---|---|---|---|
Assigned issues | 0 | 0 | 0 |
Reported issues | 22 | 10 | 32 |
Activity
01/15/2023
- 12:41 AM Suricata Bug #5780: HTTP/2 - FN when matching on multiple http2.header contents
- > Brandon, what do you think about https://github.com/OISF/suricata/pull/8371 ?
I'll be honest, I am not familiar en...
01/11/2023
- 10:09 PM Suricata Bug #5780: HTTP/2 - FN when matching on multiple http2.header contents
- Philippe Antoine wrote in #note-9:
> So, trying to sump up, there are 2 issues :
> - http2.header should match http... - 08:22 PM Suricata Bug #5780: HTTP/2 - FN when matching on multiple http2.header contents
- Philippe Antoine wrote in #note-7:
> > Do you happen to know if this only works when overloading is enabled (in 6.0.x... - 03:51 PM Suricata Bug #5780: HTTP/2 - FN when matching on multiple http2.header contents
- Philippe Antoine wrote in #note-4:
> Workaround use @http.header@ instead of @http2.header@ cf @alert http2 any any ...
01/10/2023
- 03:49 PM Suricata Bug #5780 (In Review): HTTP/2 - FN when matching on multiple http2.header contents
- It appears that when attempting to combine two different HTTP2 headers into a single rule, no alert is produced.
...
01/06/2023
- 03:21 PM Suricata Feature #4226: bsize: apply as depth to patterns
- Recently discovered that urilen is much faster than bsize applied to http.uri as well.
I'm not 100% sure if this ...
01/04/2023
- 06:16 PM Suricata Feature #5776 (New): PCRE fast_patterns via hyperscan
- This feature request is largely inspired by a new keyword introduced within Snort 3.0 The documentation is available...
- 04:10 PM Suricata Feature #5775 (New): http.headers - dynamic sticky buffers
- This idea is largely influenced by Snort 3.0 introduction of of an optional "field name" to the http_header keyword. ...
- 03:29 PM Suricata Support #5774: Addressing Mixed Case in HTTP Headers Names and HTTP2
- While this specific example highlights content negations, the same issues exists where we are explicitly looking for ...
- 03:21 PM Suricata Support #5774 (New): Addressing Mixed Case in HTTP Headers Names and HTTP2
- Today we have a large amount of rules which use content negations of specific header names similar to the following l...
Also available in: Atom