[Oisf-users] libhtp defaults in suricata.yaml
Peter Manev
petermanev at gmail.com
Wed Aug 8 17:25:47 UTC 2012
+2
On Wed, Aug 8, 2012 at 6:40 PM, Will Metcalf <william.metcalf at gmail.com>wrote:
> +1 :)
>
> Regards,
>
> Will
>
> On Wed, Aug 8, 2012 at 11:35 AM, Eoin Miller
> <eoin.miller at trojanedbinaries.com> wrote:
> > Wondering if we could increase the values slightly from 3072? Missing a
> > good deal of alerting because of these default values. Below is default
> > from suricata.yaml:
> >
> > ---SNIP---
> > libhtp:
> >
> > default-config:
> > personality: IDS
> > # Can be specified in kb, mb, gb. Just a number indicates
> > # it's in bytes.
> > request-body-limit: 3072
> > response-body-limit: 3072
> > ---SNIP---
> >
> >
> > Maybe something more like:
> >
> > ---SNIP---
> > libhtp:
> >
> > default-config:
> > personality: IDS
> > # Can be specified in kb, mb, gb. Just a number indicates
> > # it's in bytes.
> > request-body-limit: 128kb
> > response-body-limit: 512kb
> > ---SNIP---
> >
> >
> > -- Eoin
> > _______________________________________________
> > Oisf-users mailing list
> > Oisf-users at openinfosecfoundation.org
> > http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
--
Regards,
Peter Manev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120808/1b499454/attachment-0002.html>
More information about the Oisf-users
mailing list