diff --git a/CHANGELOG.md b/CHANGELOG.md
index abed352..ab3c3ae 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,6 @@
+# Version 1.2.17 (17 May 2023)
+- Add 2 security rules, 96, 97 to detect attacks concerning HTTP2
+
 # Version 1.2.16 (23 Mar 2023)
 - Add prefix`MMT_SEC_` to the env variable in rule 95
 - Add security rule to detect Slowloris DoS attack
diff --git a/Makefile b/Makefile
index a1f8fa7..1dd03f2 100644
--- a/Makefile
+++ b/Makefile
@@ -25,7 +25,7 @@ MMT_DPI_DIR := $(MMT_BASE)/dpi #get git version abbrev GIT_VERSION := $(shell git log --format="%h" -n 1)
-VERSION := 1.2.16
+VERSION := 1.2.17
 CACHE_LINESIZE := 64 #$(shell getconf LEVEL1_DCACHE_LINESIZE)
diff --git a/rules/98.http2_payload_fuzzing.xml b/rules/98.http2_payload_fuzzing.xml
deleted file mode 100644
index 238a49b..0000000
--- a/rules/98.http2_payload_fuzzing.xml
+++ /dev/null
@@ -1,50 +0,0 @@
-
-
-
-
-#include
-#include
-#include "mmt_lib.h"
-#include "tcpip/mmt_tcpip_protocols.h"
-#include "pre_embedded_functions.h"
-
-
-static bool em_check_fuzzing( int payload_length,const char* payload, double packet_id){
-
- //char*data;
- //data=(char*)payload_data;
-
- bool result=false;
-
- for (int i = 9; i < payload_length+9; i++) {
- //printf(" %02hhX ",payload[i]);
- if((payload[i]=='\\')|| payload[i]=='#' || (payload[i]=='%')){
- result=true;
- // printf( " Rule 98:Recognized suspect fuzzing. Length %d %f\n",payload_length,packet_id);
- break;
- }
- }
- //printf("\n");
-
- return result;
-}
-
-
-]]>
-
-
-
-
-
-
-