fix(suricata): missing rdp smart description #1374

Merged
merged 2 commits into from
Dec 10, 2024

Contributor

@r1chev r1chev commented Nov 29, 2024

Quick fix to add a missing smart description for RDP connection.

github-actions bot commented Nov 29, 2024

Smart descriptions generated from the latest tests at 2024-12-10 11:13:09:

| Test File | Smart Description |
| --- | --- |
| Suricata/suricata/tests/alert.json | Generic Protocol Command Decode alert from SURICATA HTTP missing Host header signature raised by 1.2.3.4 |
| Suricata/suricata/tests/alert_community_id.json | Alert from Agent signature raised by 10.0.4.4 |
| Suricata/suricata/tests/anomaly.json | Anomaly event type REQUEST_AUTH_UNRECOGNIZED raised by 10.200.52.1 |
| Suricata/suricata/tests/beats.json | Metricbeat raw from probe |
| Suricata/suricata/tests/dns_answer.json | DNS answer is NULL |
| Suricata/suricata/tests/dns_answer2.json | DNS answer for org.repo.release.build.test.com is NULL |
| Suricata/suricata/tests/dns_answers.json | DNS answer is NULL |
| Suricata/suricata/tests/dns_query.json | DNS query by 172.31.0.204 for rp1.sekoia.io |
| Suricata/suricata/tests/flow.json | Traffic flow from 10.0.4.4 on port 49250 to 1.2.3.4 on port 443 and protocol TCP |
| Suricata/suricata/tests/ftp.json | FTP connection from 1.2.3.4 to 10.0.4.4 |
| Suricata/suricata/tests/http.json | Potentially Bad Traffic alert from GPL ATTACK_RESPONSE command completed signature raised by 10.20.30.101 |
| Suricata/suricata/tests/icmp.json | Traffic flow from fe80::fc16:3eff:fe01:3dd2 on port NULL to ff02::2 on port NULL and protocol IPv6-ICMP |
| Suricata/suricata/tests/rdp.json | RDP traffic from 14.225.46.243 to 10.0.1.4 |
| Suricata/suricata/tests/smb.json | SMB traffic from 1.2.3.4 to 10.0.4.4 |
| Suricata/suricata/tests/ssh.json | SSH request from 1.2.3.4 to 10.0.4.4 |
| Suricata/suricata/tests/stats.json | Stats infos |
| Suricata/suricata/tests/tls.json | TLS connection from 190.214.13.2 to 10.20.30.101 |

@r1chev r1chev force-pushed the fix(suricata)rpd_smart_desc branch from 9747b32 to 81af8ce Compare November 29, 2024 15:21
@r1chev r1chev requested a review from squioc November 29, 2024 15:22
@r1chev r1chev self-assigned this Nov 29, 2024
Collaborator

@squioc squioc left a comment

LGTM

@squioc squioc merged commit 525a164 into main Dec 10, 2024
7 checks passed
@r1chev r1chev deleted the fix(suricata)rpd_smart_desc branch December 10, 2024 13:05
2 participants