[Oisf-users] libhtp defaults in suricata.yaml

Will Metcalf william.metcalf at gmail.com
Wed Aug 8 16:40:56 UTC 2012


+1 :)

Regards,

Will

On Wed, Aug 8, 2012 at 11:35 AM, Eoin Miller
<eoin.miller at trojanedbinaries.com> wrote:
> Wondering if we could increase the values slightly from 3072? Missing a
> good deal of alerting because of these default values. Below is default
> from suricata.yaml:
>
> ---SNIP---
> libhtp:
>
>    default-config:
>      personality: IDS
>      # Can be specified in kb, mb, gb.  Just a number indicates
>      # it's in bytes.
>      request-body-limit: 3072
>      response-body-limit: 3072
> ---SNIP---
>
>
> Maybe something more like:
>
> ---SNIP---
> libhtp:
>
>    default-config:
>      personality: IDS
>      # Can be specified in kb, mb, gb.  Just a number indicates
>      # it's in bytes.
>      request-body-limit: 128kb
>      response-body-limit: 512kb
> ---SNIP---
>
>
> -- Eoin
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users



More information about the Oisf-users mailing list