[Oisf-users] libhtp defaults in suricata.yaml

Eoin Miller eoin.miller at trojanedbinaries.com
Wed Aug 8 16:35:14 UTC 2012


Wondering if we could increase the values slightly from 3072? Missing a
good deal of alerting because of these default values. Below is default
from suricata.yaml:

---SNIP---
libhtp:

   default-config:
     personality: IDS
     # Can be specified in kb, mb, gb.  Just a number indicates
     # it's in bytes.
     request-body-limit: 3072
     response-body-limit: 3072
---SNIP---


Maybe something more like:

---SNIP---
libhtp:

   default-config:
     personality: IDS
     # Can be specified in kb, mb, gb.  Just a number indicates
     # it's in bytes.
     request-body-limit: 128kb
     response-body-limit: 512kb
---SNIP---


-- Eoin



More information about the Oisf-users mailing list