SD Simon Dugas
- Login: cccs-sadugas
- Registered on: 12/23/2020
- Last sign in: 01/17/2024
Issues
| open | closed | Total | |
|---|---|---|---|
| Assigned issues | 2 | 2 | 4 |
| Reported issues | 2 | 0 | 2 |
Projects
| Project | Roles | Registered on |
|---|---|---|
| Suricata | Developer | 02/10/2024 |
| Suricata-Update | Developer | 02/10/2024 |
Activity
10/27/2021
- SD 12:20 PM Suricata Feature #3285: rules: XOR keyword
- Last time I was looking into transforms they didn't seem to support a "sticky buffer" on the entire TCP payload or holding on to variables such as keys. That was a while ago and I think the transforms API may have improved since then, I'...
05/07/2021
- SD 03:13 PM Suricata Feature #3957: Convert protocol to Rust: Modbus
- Pull request https://github.com/OISF/suricata/pull/6090 has been merged.
We are still finalizing lower priority fixes from the previous code review comments:
1. Fix for write multiple coils check identified in https://github.com/OISF...
02/25/2021
- SD 03:18 PM Suricata Optimization #2780: Convert DNP3 from C to Rust
- Haven't heard of `nom-derive`. Thank you for the info.
- SD 03:17 PM Suricata Feature #3958: enip: convert protocol parser to rust
- Could I be assigned this ticket? We are currently working on an ENIP rust parser to go along with our DNP3 and modbus parsers.
02/03/2021
- SD 06:05 PM Suricata Optimization #2780: Convert DNP3 from C to Rust
- We are working on a rust parser for DNP3 so I wouldn't mind taking on this ticket.
The move/implementation would be similar to modbus (https://github.com/OISF/suricata/pull/5810) once that code review is finalized.
*Implementation ...
01/19/2021
- SD 09:48 PM Suricata Feature #2096: eve: event_type for MODBUS
- Sample output is shown in this pull request which may implement this ticket:
- https://github.com/OISF/suricata/pull/5750 - SD 09:19 PM Suricata Feature #3957: Convert protocol to Rust: Modbus
- Pull request is open: https://github.com/OISF/suricata/pull/5750
You are also welcome to review our parsing library: https://github.com/CybercentreCanada/sawp
01/04/2021
- SD 06:35 PM Suricata Feature #4249: ics protocol: SS7 Protocol Support
- We are planning to extend support and at the least at session tracking.
- SD 04:42 PM Suricata Feature #3957: Convert protocol to Rust: Modbus
- Thank you, our pull request is coming soon for this.
The tickets for SS7 and diameter have been created:
* #4249
* #4250 - SD 04:31 PM Suricata Feature #4250 (New): Diameter Protocol Support
- Add support for diameter protocol used in 4G networks with the following stack:
IP / TCP or SCTP / Diameter
This includes EVE logging and detection keywords.
More research is needed to determine a list of useful detection keywor...