Open Information Security Foundation

11/21/2018

11:20 AM Suricata Feature #2561: Add possibility for smtp raw extraction

I think this would be a different thing. Here, we just treat the whole SMTP flow as a unique blob, and store everythi... Maurizio Abba

11/17/2018

01:21 AM Suricata Feature #2561: Add possibility for smtp raw extraction

replaced by https://github.com/OISF/suricata/pull/3455 Maurizio Abba

12:41 AM Suricata Feature #2563: Add dump of all headers in http eve-log

v3 https://github.com/OISF/suricata/pull/3548 Maurizio Abba

08/03/2018

01:13 PM Suricata Feature #2563 (Closed): Add dump of all headers in http eve-log

A patch adding a list of json objects with the list of HTTP headers encountered for that transaction in the two objec... Maurizio Abba

12:50 PM Suricata Feature #2562 (Closed): Add http_port in http eve-log if specified in the hostname

This proposed patch adds a single element in a http json object, adding the port to the "http" object with the key "h... Maurizio Abba

08:48 AM Suricata Bug #2555 (Resolved): Ensure strings in eve-log are json-encodable

Maurizio Abba

08/02/2018

06:40 PM Suricata Feature #2561 (Closed): Add possibility for smtp raw extraction

It may be useful to store a whole email, in raw format, as part of an SMTP extracted file.
The proposed feature ad... Maurizio Abba

07/31/2018

06:07 AM Suricata Bug #2558 (Closed): negated fileext and filename do not work as expected

A bug in detect-fileext and detect-filename modules prevent the negated versions of the two matchers from working cor... Maurizio Abba

07/26/2018

12:52 PM Suricata Bug #2555 (Closed): Ensure strings in eve-log are json-encodable

Halfway between bug and feature.
In our current code any binary data would make function json_string fail. In case... Maurizio Abba

07/25/2018

03:01 PM Suricata Feature #2416 (Closed): Increase XFF coverage to files and http log

Maurizio Abba