📄 119-16.txt
字号:
Rule: --Sid: 119-16-- Summary: This event is generated when the pre-processor http_inspectdetects network traffic that may constitute an attack.-- Impact: Unknown. This may be an attempt to evade an IDS.--Detailed Information:This event is generated when the http_inspect pre-processor detects theuse of an oversized chunk encoded request. This may be an indicator ofan attack against a web server.This event may also indicate the use of http tunneling.--Affected Systems: Apache--Attack Scenarios: -- Ease of Attack: Simple.-- False Positives:None Known.--False Negatives:None Known.-- Corrective Action:Check the target host for signs of compromise.Apply any appropriate vendor supplied patches.--Contributors:Daniel Roelker <droelker@sourcefire.com> Sourcefire Vulnerability Research TeamNigel Houghton <nigel.houghton@sourcefire.com>-- Additional References:HTTP IDS Evasions Revisited - Daniel Roelkerhttp://docs.idsresearch.org/http_ids_evasions.pdf--⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -