Guru Medidation
- Login: bugs
- Email: bugs@elysiumsecurity.com
- Registered on: 07/24/2015
- Last sign in: 08/25/2015
Issues
| open | closed | Total | |
|---|---|---|---|
| Assigned issues | 0 | 0 | 0 |
| Reported issues | 0 | 3 | 3 |
Activity
08/25/2015
- 01:11 PM Suricata Support #1533: Potential problem with detecting Windows EXE download
- Thanks Victor, I have just done that and will let you know if it is indeed a problem with SELKS.
But you are right,...
08/22/2015
- 02:34 PM Suricata Support #1533: Potential problem with detecting Windows EXE download
- Issue confirmed and pcap attached.
Using tcpreplay with this pcap triggers alert 2000419 in snort but nothing in Sur...
08/21/2015
- 06:07 PM Suricata Support #1533: Potential problem with detecting Windows EXE download
- By the way, if I do a
wget http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe
then it will fire the 201895... - 05:44 PM Suricata Support #1533 (Closed): Potential problem with detecting Windows EXE download
- Hi,
I am using SELKS 2.0, recently upgraded, no changes to default settings.
I have noticed something strange wit...
08/02/2015
- 10:32 AM Suricata Bug #1516: ShellCode Rule does not get fired in Suricata but it does in Snort
- Thanks to ebf0 on IRC, this is *not* an issue and can be closed.
Shellcode are not detected on port 80, that's the r...
07/27/2015
- 04:10 AM Suricata Bug #1515: Problem with Threshold.config when using more than one IP
- Updated with attachment
07/25/2015
- 12:44 PM Suricata Bug #1516: ShellCode Rule does not get fired in Suricata but it does in Snort
- Another attempt at uploading the pcap, this time using a different browser.
If this does not work... is the upload o... - 08:50 AM Suricata Bug #1516: ShellCode Rule does not get fired in Suricata but it does in Snort
- Ok, I clicked on CHOOSE FILES, selected my pcap. I can see it here and it has a tag of "internal sever".
I write thi... - 08:41 AM Suricata Bug #1516 (Closed): ShellCode Rule does not get fired in Suricata but it does in Snort
- Rule: 2101390
Which looks for Shellcode signature "CCCCCCC"
Does not get fired with Suricata but it does with Snort...
07/24/2015
- 10:14 AM Suricata Bug #1515: Problem with Threshold.config when using more than one IP
- Actually, none of the rules with more than 1 IP get suppressed. So nothing special with the IRC related rules. Just a...
Also available in: Atom