Bug #437: filemagic / libmagic inconsistent between releases - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #437

closed

filemagic / libmagic inconsistent between releases

Added by Victor Julien over 12 years ago. Updated over 1 year ago.

Status:

Rejected

Priority:

Normal

Assignee:

Community Ticket

Target version:

TBD

Affected Versions:

Effort:

Difficulty:

Label:

Description

See http://permalink.gmane.org/gmane.comp.security.ids.snort.emerging-sigs/15224

The issue is that the installed libmagic versions can return different results for the same file. This doesn't make libmagic/filemagic useless, but it does make it very hard to use for a ruleset like ET.

Possible solutions:
- ship/integrate libmagic so we always use the right version
- ship our own set of definitions for each libmagic version
- write our own file identify code (http://www.garykessler.net/library/file_sigs.html)

Related issues 2 (1 open — 1 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

	Related to Suricata - Feature #886: bromagic support	Closed					Actions
	Related to Suricata - Feature #5894: file: file classification keyword	Feedback	Victor Julien				Actions

Project

General

Profile

Suricata

Custom queries

Bug #437

filemagic / libmagic inconsistent between releases

Updated by Victor Julien over 12 years ago

Updated by Andreas Herz almost 9 years ago

Updated by Peter Manev almost 9 years ago

Updated by Andreas Herz over 8 years ago

Updated by Victor Julien over 7 years ago

Updated by Andreas Herz over 7 years ago

Updated by Andreas Herz over 7 years ago

Updated by Victor Julien over 6 years ago

Updated by Andreas Herz over 5 years ago

Updated by Andreas Herz over 5 years ago

Updated by Victor Julien over 1 year ago

Updated by Philippe Antoine over 1 year ago

Updated by Juliana Fajardini Reichow over 1 year ago

Updated by Philippe Antoine over 1 year ago