Project

General

Profile

Actions

Bug #7530

open

Kerberos: sname/cname code and suricata documentation both wrong

Added by campbell robertson 23 days ago. Updated 22 days ago.

Status:
New
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:
Beginner

Description

In the suricata documentation the cname and sname are described as client and server name. https://docs.suricata.io/en/latest/rules/kerberos-keywords.html
But the suricata code in github, describe the krb5_cname and krb5_sname as their respective principal name:

These were contradicting, so we did a test and it looks like the the krb5_cname is the client service principal and the sname is the destination server, so it appears that both the docs and the code documentation is wrong.


Files

Actions

Also available in: Atom PDF