Bug #3856: dcerpc: last response packet not logged - Suricata - Open Information Security Foundation

Actions

Bug #3856

closed

dcerpc: last response packet not logged

Added by Shivani Bhardwaj about 4 years ago. Updated almost 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Target version:

Affected Versions:

Effort:

Difficulty:

Label:

Description

For the pcap https://github.com/OISF/suricata-verify/blob/master/tests/dcerpc-dce-iface-01/20171220_smb_psexec_mimikatz_ticket_dump-s2.pcap, last response was never logged. I tried looking up what I did wrong but the response handler is never called for the last response (call ID: 20), I also cannot see the C code for response handling called for this packet.

Actions

Also available in: Atom PDF