General

Profile

Eloy Pérez

  • Login: zer1t0
  • Registered on: 06/15/2021
  • Last sign in: 02/24/2022

Issues

                   open   closed   Total
Assigned issues       1        6       7
Reported issues       4        7      11

Activity

02/24/2022

12:34 PM Suricata Bug #5160 (New): smb: Misguiding keyword smb.named_pipe

The "smb.named_pipe" keyword is used to match shares in the tree_connect request that contains named pipes (su...
Eloy Pérez

02/17/2022

12:52 PM Suricata Bug #5087 (Closed): smb: file.name sticky buffer doesn't match all smb files
The file.name doesn't need the Unicode characters and only matches the transferred files.
Eloy Pérez
11:17 AM Suricata Bug #5087 (Closed): smb: file.name sticky buffer doesn't match all smb files

Eloy Pérez
12:05 PM Suricata Documentation #5088 (Closed): file.name sticky buffer is not documented

The file.name sticky buffer is not documented. It should be documented in _/rules/file-keywords.html#filename_ as t...
Eloy Pérez

02/16/2022

11:35 AM Suricata Feature #5082 (Closed): smb: keyword for matching the SMB files

It would be nice to have a keyword that allows matching the filenames that are being accessed/created through smb c...
Eloy Pérez

02/14/2022

10:13 AM Suricata Feature #5075 (Closed): smb: keyword for the SMB version
Create a new keyword to allow matching a specific SMB version, which can be 1 or 2.
Eloy Pérez

02/11/2022

12:56 PM Suricata Feature #5069 (New): smb: keyword for matching smb command
Create a new keyword to allow matching a specific SMB command (message type).
Eloy Pérez

02/10/2022

10:38 AM Suricata Feature #5067 (New): smb/dcerpc: Match dcerpc (over smb) requests before bind_ack

Windows computers made heavy use of the dcerpc protocol. I have been working with a Windows Server 2019 and observed ...
Eloy Pérez

01/12/2022

12:26 PM Suricata Optimization #4950 (New): Code improvement in KRB5State.parse function
The KRB5State.parse function requires a couple of improvements in code readability:
- Giving meaningful n...
Eloy Pérez

10/21/2021

10:20 AM Suricata Bug #4529: Not keyword matches in Kerberos requests
Update: it also happens with TGS-REQ and KRB-ERROR messages.
Eloy Pérez
