Wiki

User Tools

Site Tools

Trace: performance trace_flags encoding change_the_mac_address support_and_resistance_levels set_up_password_aging_for_users ssh_into_the_access_point convert_.pem_to_.pkcs12 convert_.pkcs12_to_.pem suricata_tls_invalid_record_traffic
squid:alerts:suricata_tls_invalid_record_traffic

This is an old revision of the document!

Squid - Alerts - SURICATA TLS invalid record/traffic

Suppress. 

suppress gen_id 1, sig_id 2230002

Probably false positives.

There have been some reports of flakiness with the TLS decoder rules in Suricata of late.

There is a post on the Suricata Redmine site about some other TLS issues.

squid/alerts/suricata_tls_invalid_record_traffic.1586273608.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki