[Oisf-users] Sha hashes not consistent in 3.2beta1, md5 OK

Duarte Silva duarte.silva at serializing.me
Fri Oct 7 19:27:29 UTC 2016

Hey Jeremy,

are you seeing the problems on the logging or on the rules matching?


On Friday 07 October 2016 12:30:26 Jeremy MJ wrote:
> Greetings,
> I am testing sha1/256 hashing in Suricata 3.2beta1. I noticed that the
> MD5 always matches the file stream, however on occasion the hash for
> sha1/256 do not match the actual file stream (but the md5 does).
> Typically this is on larger files. Is there a configuration setting I
> should look at? Is anyone else observing this?
> Regards,
> --
> Jeremy MJ
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Suricata User Conference November 9-11 in Washington, DC: http://suricon.net

More information about the Oisf-users mailing list