119-11.txt

来自「This is the snapshot of Snot Latest Rule」· 文本代码 · 共 63 行

TXT

63 行

Rule: --Sid: 119-11-- Summary: This event is generated when the pre-processor http_inspectdetects network traffic that may constitute an attack.-- Impact: Unknown. This event may also constitute an attempt to evade an IDS.--Detailed Information:This event is generated when the http_inspect pre-processor detects theuse of directory traversal in a web request. This may be an attempt toescape the web root directory or it may be an attempt to evade an IDS.--Affected Systems:	Microsoft IIS Servers--Attack Scenarios: An attacker may supply a path to a file outside the web root by using"../" in the uri.-- Ease of Attack: Simple.-- False Positives:This event may be generated if a web site uses "../" in links to otherfiles on the site.--False Negatives:None Known.-- Corrective Action:Check the target host for signs of compromise.Apply any appropriate vendor supplied patches.--Contributors:Daniel Roelker <droelker@sourcefire.com> Sourcefire Vulnerability Research TeamNigel Houghton <nigel.houghton@sourcefire.com>-- Additional References:HTTP IDS Evasions Revisited - Daniel Roelkerhttp://docs.idsresearch.org/http_ids_evasions.pdf--

119-11.txt - 源码说明

本页面展示了「This is the snapshot of Snot Latest Rules」中的 119-11.txt 源码文件，采用文本编程语言编写，共 63 行代码。您可以在线阅读完整代码内容，也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与snapshot相关的技术资源，包括源代码、技术文档、电路图等，是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C

搜索代码Ctrl + F

全屏模式F11

增大字号Ctrl + =

减小字号Ctrl + -

显示快捷键?