[Oisf-users] FIPS compliance

Eric Leblond eric at regit.org
Thu Feb 2 13:45:39 UTC 2017


On Thu, 2017-02-02 at 08:28 -0500, erik clark wrote:
> Is it possible to disable the md5 hooks in suricata without much
> effort? Currently it isn't FIPS compliant, and we would like to make
> it so. Thanks!

Internally Suricata is not using md5 in any way. There is just some
rules and output that are using it.

On output there is the hash value of file for sure. In Suricata 3.2,
you can change the variable to use other algorithm.

Regarding the rules, you can decide not to implement rules using md5
related keywords like filemd5.

If not enough, it should be possible to make some part of the build
conditional. But that's more an oisf-devel question.

Eric Leblond <eric at regit.org>

More information about the Oisf-users mailing list