Open Information Security Foundation

10/21/2019

07:49 PM Suricata Bug #3109: dcerpc engine not generating alerts

... Travis Green

10/14/2019

04:05 PM Suricata Bug #3109: dcerpc engine not generating alerts

Submitted PR for suricata-verify test https://github.com/OISF/suricata-verify/pull/139 Travis Green

10/04/2019

09:11 PM Suricata Bug #3218 (New): ssl_state does the wrong thing

The *ssl_state* keyword does not alert on the correct state when specified in the rule.
Example 1: should work w... Travis Green

09/12/2019

04:59 PM Suricata Task #3016 (Closed): No documentation for "endswith" keyword

closed via https://github.com/OISF/suricata/pull/4175 Travis Green

08/29/2019

04:28 AM Suricata Task #3014: Missing documentation for "flags" option

added PR https://github.com/OISF/suricata/pull/4138 Travis Green

08/15/2019

06:31 PM Suricata Documentation #3029: No documentation for "dcerpc" keywords

Shivani Bhardwaj wrote:
> There are no docs or examples of usage for "dcerpc.iface", "dcerpc.opnum", "dcerpc.stub_da... Travis Green

08/09/2019

11:04 PM Suricata Bug #3109: dcerpc engine not generating alerts

Eric Leblond had this deeper analysis to offer:... Travis Green

11:02 PM Suricata Bug #3109 (Closed): dcerpc engine not generating alerts

Rules using dce* keywords do not generate an alert despite matching packet contents. For example, given these two rul... Travis Green

07/18/2019

09:54 PM Suricata Feature #2377: deprecate: ssh.softwareversion and ssh.protoversion

Victor Julien wrote:
> Superseded by ssh_proto and ssh_version stickybuffer implementations.
>
> https://suricata... Travis Green

02/01/2019

08:21 PM Suricata Bug #2798: --engine-analysis is unaware of http_host buffer

Submitted PR. Travis Green