Actions
Bug #7279
closeddns: protocol detection is not strict enough
Affected Versions:
Effort:
Difficulty:
Label:
Description
From https://github.com/OISF/suricata/pull/11794 and TLPR pcaps from QA showing the deviation
Updated by Philippe Antoine 3 months ago
- Related to Bug #7228: dns: no data logged, and no events with udp corrupt additional record added
Updated by Philippe Antoine 3 months ago
- Subject changed from dns: custom protocol data exfiltration traffic on port 53 detected as DNS with later app-layer parser error to dns: protocol detection is not strict enough
It accepts as DNS custom protocol data exfiltration traffic on port 53 with later app-layer parser error on TLP pcap
Updated by Philippe Antoine 3 months ago
- Status changed from New to In Review
Updated by Philippe Antoine 6 days ago
- Status changed from In Review to Closed
Actions