[Oisf-users] libhtp defaults in suricata.yaml
Victor Julien
victor at inliniac.net
Fri Aug 10 13:54:15 UTC 2012
On 08/08/2012 06:40 PM, Will Metcalf wrote:
> +1 :)
ET distributes the default settings in it's yaml. What sigs need more?
> Regards,
>
> Will
>
> On Wed, Aug 8, 2012 at 11:35 AM, Eoin Miller
> <eoin.miller at trojanedbinaries.com> wrote:
>> Wondering if we could increase the values slightly from 3072? Missing a
>> good deal of alerting because of these default values. Below is default
>> from suricata.yaml:
>>
>> ---SNIP---
>> libhtp:
>>
>> default-config:
>> personality: IDS
>> # Can be specified in kb, mb, gb. Just a number indicates
>> # it's in bytes.
>> request-body-limit: 3072
>> response-body-limit: 3072
>> ---SNIP---
>>
>>
>> Maybe something more like:
>>
>> ---SNIP---
>> libhtp:
>>
>> default-config:
>> personality: IDS
>> # Can be specified in kb, mb, gb. Just a number indicates
>> # it's in bytes.
>> request-body-limit: 128kb
>> response-body-limit: 512kb
>> ---SNIP---
>>
>>
>> -- Eoin
>> _______________________________________________
>> Oisf-users mailing list
>> Oisf-users at openinfosecfoundation.org
>> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list