mirror of https://github.com/OISF/suricata
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1f8a5874fb
We only try to parse a small subset of what is possible in RFB. Currently we only understand some standard auth schemes and stop parsing when the server-client handshake is complete. Since in IPS mode returning an error from the parser causes drops that are likely uncalled for, we do not want to return errors when we simply do not understand what happens in the traffic. This addresses Redmine #5912. Bug: #5912. |
2 years ago | |
|---|---|---|
| .. | ||
| Makefile.am | 2 years ago | |
| README.md | ||
| app-layer-events.rules | ||
| decoder-events.rules | 2 years ago | |
| dhcp-events.rules | ||
| dnp3-events.rules | ||
| dns-events.rules | ||
| files.rules | 2 years ago | |
| ftp-events.rules | ||
| http-events.rules | 2 years ago | |
| http2-events.rules | ||
| ipsec-events.rules | ||
| kerberos-events.rules | ||
| modbus-events.rules | 2 years ago | |
| mqtt-events.rules | ||
| nfs-events.rules | ||
| ntp-events.rules | ||
| quic-events.rules | ||
| rfb-events.rules | 2 years ago | |
| smb-events.rules | ||
| smtp-events.rules | ||
| ssh-events.rules | ||
| stream-events.rules | ||
| tls-events.rules | ||
README.md
Suricata Reserved SID Allocations
Unless otherwise noted, each component or protocol is allocated 1000 signature IDs.
Components
| Component | Start | End |
|---|---|---|
| Decoder | 2200000 | 2200999 |
| Stream | 2210000 | 2210999 |
| Generic App-Layer | 2260000 | 2260999 |
App-Layer Protocols
| Protocol | Start | End |
|---|---|---|
| SMTP | 2220000 | 2220999 |
| HTTP | 2221000 | 2221999 |
| NTP | 2222000 | 2222999 |
| NFS | 2223000 | 2223999 |
| IPsec | 2224000 | 2224999 |
| SMB | 2225000 | 2225999 |
| Kerberos | 2226000 | 2226999 |
| DHCP | 2227000 | 2227999 |
| SSH | 2228000 | 2228999 |
| MQTT | 2229000 | 2229999 |
| TLS | 2230000 | 2230999 |
| QUIC | 2231000 | 2231999 |
| FTP | 2232000 | 2232999 |
| DNS | 2240000 | 2240999 |
| MODBUS | 2250000 | 2250999 |
| DNP3 | 2270000 | 2270999 |
| HTTP2 | 2290000 | 2290999 |