- Login: zer1t0
- Registered on: 06/15/2021
- Last connection: 02/24/2022
- 12:34 PM Suricata Bug #5160 (New): smb: Misguiding keyword smb.named_pipe
The "smb.named_pipe" keyword is used to match shares in the tree_connect request that contains named pipes (su...
- 12:52 PM Suricata Bug #5087 (Closed): smb: file.name sticky buffer doesn't match all smb files
- The file.name doesn't need the Unicode characters and only matches the transferred files.
- 11:17 AM Suricata Bug #5087 (Closed): smb: file.name sticky buffer doesn't match all smb files
- 12:05 PM Suricata Documentation #5088 (New): file.name sticky buffer is not documented
The file.name sticky buffer is not documented. It should be documented in _/rules/file-keywords.html#filename_ as t...
- 11:35 AM Suricata Feature #5082 (New): smb: keyword for matching the SMB files
It would be nice to have a keyword that allows matching the filenames that are being accessed/created through smb c...
- 10:13 AM Suricata Feature #5075 (In Review): smb: keyword for the SMB version
- Create a new keyword to allow matching a specific SMB version, which can be 1 or 2.
- 12:56 PM Suricata Feature #5069 (In Review): smb: SMB keyword for match the smb command
- Create a new keyword to allow matching a specific SMB command (message type).
- 10:38 AM Suricata Feature #5067 (New): smb/dcerpc: Match dcerpc (over smb) requests before bind_ack
Windows computers make heavy use of the dcerpc protocol. I have been working with a Windows Server 2019 and observed ...
- 12:26 PM Suricata Optimization #4950 (New): Code improvement in KRB5State.parse function
- The KRB5State.parse function requires a couple of improvements in code readability:
- Giving meaningful n...
- 10:20 AM Suricata Bug #4529: Not keyword matches in Kerberos requests
- Update: it also happens with TGS-REQ and KRB-ERROR messages.