suricata/rules
Philippe Antoine 4713ce44c2 tcp: rejects FIN+SYN packets as invalid
Ticket: #4569

If a FIN+SYN packet is sent, the destination may keep the
connection alive instead of starting to close it.
In this case, a later SYN packet will be ignored by the
destination.

Previously, Suricata considered this a session reuse, and thus
used the sequence number of the last SYN packet, instead of
using the one of the live connection, leading to evasion.

This commit errors on FIN+SYN so that they do not get
processed as regular FIN packets.

(cherry picked from commit 6cb6225b28)
4 years ago
Makefile.am rules: install dhcp-events.rules; order alphabetically 7 years ago
app-layer-events.rules app-layer: protocol change API 9 years ago
decoder-events.rules ipv6: decoder event on invalid length 5 years ago
dhcp-events.rules dhcp: add dhcp app-layer rules file 8 years ago
dnp3-events.rules rules: add missing classtypes for event.rules 9 years ago
dns-events.rules rules: add missing classtypes for event.rules 9 years ago
files.rules doc: minor updates (tls custom, TODO removal, ftp/smb file rules) 8 years ago
http-events.rules http: sets compression bomb limit 7 years ago
ipsec-events.rules rules: fix event names for ikev2 (weak authentication and DH parameters) 7 years ago
kerberos-events.rules Kerberos 5: rename weak crypto to weak encryption, and log it 8 years ago
modbus-events.rules rules: add missing classtypes for event.rules 9 years ago
nfs-events.rules rust/nfs: implement events 9 years ago
ntp-events.rules Add event rules for NTP events 9 years ago
smb-events.rules smb: adds file overlap event against evasions 6 years ago
smtp-events.rules smtp/mime: Set event when name exceeds limit 6 years ago
stream-events.rules tcp: rejects FIN+SYN packets as invalid 4 years ago
tls-events.rules tls: increase max number of tls records per packet 9 years ago