[Oisf-users] Missing Payloads For Signatures that are HTTP + PCRE?

Peter Manev petermanev at gmail.com
Fri May 11 08:13:56 UTC 2012


Would you please be able to provide some more info about the signatures
(and a pcap if possible).
You can share it privately if you would like as well.


On Thu, May 10, 2012 at 11:39 PM, Eoin Miller <
eoin.miller at trojanedbinaries.com> wrote:

> Finally got around to installing Suricata and the alerting output I am
> seeing is missing payloads for several signatures. Each of these
> signatures it is missing it for seems to have one thing in common, it is
> using the http inspect stuff along with PCRE. Everything else appears to
> be alerting fine and has payloads though.
> Anyone else experienced something similar? This is really weird.
> -- Eoin
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users

Peter Manev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120511/47d37e38/attachment-0002.html>

More information about the Oisf-users mailing list