General

Profile

Michal Purzynski

  • Login: michal
  • Registered on: 03/28/2018
  • Last sign in: 04/15/2020

Issues

open closed Total
Assigned issues 0 0 0
Reported issues 0 4 4

Activity

04/15/2020

12:40 AM Suricata Bug #3342: Suricata 5.0 crashes while parsing SMB data
Terrific news - Suricata master has been stable for the past 4+ weeks. It might be I cannot reproduce it anymore. Michal Purzynski

03/16/2020

01:18 AM Suricata Bug #3342: Suricata 5.0 crashes while parsing SMB data
Michal Purzynski wrote in #note-1:
> What I see around this time (with Zeek's flow logs and parsed SMB data) is
>
... Michal Purzynski

02/13/2020

10:42 AM Suricata Bug #3342: Suricata 5.0 crashes while parsing SMB data
Victor Julien wrote:
> Michal, are you still seeing this with the current master or master-5.0.x branch?
I can te... Michal Purzynski

11/20/2019

10:22 PM Suricata Bug #3342: Suricata 5.0 crashes while parsing SMB data
After 30+ hours Suricata crashed again, here's what ASAN reported (not much, to be honest)... Michal Purzynski

11/19/2019

06:58 AM Suricata Bug #3342: Suricata 5.0 crashes while parsing SMB data
Victor Julien wrote:
> Thanks Michal. This crash happens during cleanup after the flow has timed out. I strongly sus... Michal Purzynski
12:10 AM Suricata Bug #3342: Suricata 5.0 crashes while parsing SMB data
What I see around this time (with Zeek's flow logs and parsed SMB data) is
- there's a couple of connections betwe... Michal Purzynski

11/18/2019

11:50 PM Suricata Bug #3342 (Closed): Suricata 5.0 crashes while parsing SMB data
From a couple of days Suricata 5.0 has been crashing on a regular basis, around the same time. We finally got the cor... Michal Purzynski

10/17/2019

12:01 AM Suricata Support #3252 (Closed): Matching a long list of tls.fingerprint fields is extremly CPU intensive
The suricata-update script comes with some useful rule sources, like the sslbl.abuse.ch.
It is basically around 30... Michal Purzynski

10/16/2019

08:16 AM Suricata Optimization #2725: stream/packet on wrong thread
> What do you mean by ATR disabled and nothing in flow rules in detail?
ATR is Intel's Application Targeted Routin... Michal Purzynski

07/17/2019

11:41 PM Suricata Optimization #2725: stream/packet on wrong thread
One more thing - what's the hash that RPS uses? There are two hashes and the cluster_flow computation does not update... Michal Purzynski

Also available in: Atom