Travis Green

Activity

10/15/2018

08:41 AM Suricata Revision 576b3b6a: Added new classifications to classification.conf
Added classifications from rule-writing community feedback.

09/12/2018

08:37 PM Suricata Bug #2619 (New): Malformed HTTP causes FN using http_header_names;
In Suricata 4.x, a malformed HTTP request/response can cause FN when using http_header_names;
I have included 2 p...

11/22/2017

09:41 AM Suricata Feature #2287: force lowercase on dns_query buffer
We had a meeting and agreed this buffer should be caseful. This feature request can be closed.

11/07/2017

12:24 PM Suricata Bug #2263 (Closed): content matches disregarded when using dns_query on udp traffic
Using Suricata-4.0.x, content matches before dns_query; sticky buffer are disregarded
* FP:
alert dns $HOME_NET a...

01/17/2017

08:55 AM Suricata Revision f08cc1f3: yaml: update commented rule files
Disabled scada.rules, added commented rule file names to help
administrators find informational rule files.

08/09/2016

01:20 PM Suricata Bug #1860: 2220005: SURICATA SMTP bdat chunk len exceeded when using SMTP connection caching
add'l notes from Travis:
- connection reuse is also called SMTP connection caching
- is a feature in postfix and se...
01:05 PM Suricata Bug #1860 (Assigned): 2220005: SURICATA SMTP bdat chunk len exceeded when using SMTP connection caching
I am seeing many of these at various client sites, and they seem to be FPs. Here is a redacted example of an SMTP co...

02/22/2016

04:51 AM Suricata Revision 72c9debb: yaml: disable rules by default
Change to "disable by default" rulefiles
