[Oisf-users] libhtp defaults in suricata.yaml
Will Metcalf
william.metcalf at gmail.com
Fri Aug 10 17:22:54 UTC 2012
>ET distributes the default settings in it's yaml. What sigs need more?
Good point :).. We will.
On Fri, Aug 10, 2012 at 8:54 AM, Victor Julien <victor at inliniac.net> wrote:
> On 08/08/2012 06:40 PM, Will Metcalf wrote:
>> +1 :)
>
> ET distributes the default settings in it's yaml. What sigs need more?
>
>> Regards,
>>
>> Will
>>
>> On Wed, Aug 8, 2012 at 11:35 AM, Eoin Miller
>> <eoin.miller at trojanedbinaries.com> wrote:
>>> Wondering if we could increase the values slightly from 3072? Missing a
>>> good deal of alerting because of these default values. Below is default
>>> from suricata.yaml:
>>>
>>> ---SNIP---
>>> libhtp:
>>>
>>> default-config:
>>> personality: IDS
>>> # Can be specified in kb, mb, gb. Just a number indicates
>>> # it's in bytes.
>>> request-body-limit: 3072
>>> response-body-limit: 3072
>>> ---SNIP---
>>>
>>>
>>> Maybe something more like:
>>>
>>> ---SNIP---
>>> libhtp:
>>>
>>> default-config:
>>> personality: IDS
>>> # Can be specified in kb, mb, gb. Just a number indicates
>>> # it's in bytes.
>>> request-body-limit: 128kb
>>> response-body-limit: 512kb
>>> ---SNIP---
>>>
>>>
>>> -- Eoin
>>> _______________________________________________
>>> Oisf-users mailing list
>>> Oisf-users at openinfosecfoundation.org
>>> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>> _______________________________________________
>> Oisf-users mailing list
>> Oisf-users at openinfosecfoundation.org
>> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>>
>
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------
>
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
More information about the Oisf-users
mailing list