[Oisf-users] Strange log lines in http.log
Victor Julien
victor at inliniac.net
Fri Mar 2 09:07:52 UTC 2012
On 03/02/2012 10:03 AM, Travel Factory S.r.l. wrote:
>
> Hi,
> I found a lot of these log lines:
> 03/02/2012-09:55:29.010948 <hostname unknown> [**]
> \xC0\x11\xC0\x13\x00E\x00D\x003\x002\xC0 [**] <useragent unknown> [**]
> user_ip:3965 -> proxy_ip:8080
>
> Matching http.log and proxy logs, they probably are https requests to
> the proxy.
>
> It seems that my suricata doesn't understand them... is it a setting ?
> or a compile time switch ?
Can you (privately) share a pcap for this?
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list