Skip to content

Commit

Permalink
smb: rules for messages in the wrong direction
Browse files Browse the repository at this point in the history 
(cherry picked from commit 1e65324)
  • Loading branch information
@jasonish @victorjulien
jasonish authored and victorjulien committed Apr 19, 2022
1 parent e55fef3 commit fca9c69
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions rules/smb-events.rules
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,3 +16,5 @@ alert smb any any -> any any (msg:"SURICATA SMB malformed NTLMSSP record"; flow:
alert smb any any -> any any (msg:"SURICATA SMB malformed request dialects"; flow:to_server; app-layer-event:smb.negotiate_malformed_dialects; classtype:protocol-command-decode; sid:2225005; rev:1;)

alert smb any any -> any any (msg:"SURICATA SMB file overlap"; app-layer-event:smb.file_overlap; classtype:protocol-command-decode; sid:2225006; rev:1;)
alert smb any any -> any any (msg:"SURICATA SMB wrong direction"; app-layer-event:smb.response_to_server; classtype:protocol-command-decode; sid:2225007; rev:1;)
alert smb any any -> any any (msg:"SURICATA SMB wrong direction"; app-layer-event:smb.request_to_client; classtype:protocol-command-decode; sid:2225008; rev:1;)

0 comments on commit fca9c69

Please sign in to comment.