[Discussion] Problem with detection of POST Attacks

Menerick, John jmenerick at netsuite.com
Wed Jul 22 19:57:56 UTC 2015


I assume you have sniffed the traffic going over the interface and is able to verify POST traffic is flowing past the interface?



Warmly,

John Menerick
https://securesql <https://securesql/>.info


> On Jul 22, 2015, at 12:41 PM, gsn security <vasugameloft at gmail.com> wrote:
> 
> Hello  Everyone,
> 
> I am new to Suricata, I have my ids set -up to receive all Attacks that we coming from both POST and GET requests, unfortunately , My ids is not picking up all the POST attacks especially the SQL injection attempts form POST parameters. I have tried to modify the sql injection rules but nothing wors? Do you have any idea why it is not detecting sql injection attacks coming from POST?
> 
> 
> Thanks and Regards
> Vasu
> _______________________________________________
> Discussion mailing list
> Discussion at lists.openinfosecfoundation.org
> https://lists.openinfosecfoundation.org/mailman/listinfo/discussion
> Suricata User Conference: Nov 4/5 in Barcelona: http://oisfevents.net
> User and Developer trainings: http://suricata-ids.org/training/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/discussion/attachments/20150722/b8720c3c/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.openinfosecfoundation.org/pipermail/discussion/attachments/20150722/b8720c3c/attachment.sig>


More information about the Discussion mailing list