Difference between revisions of "WAF 340001"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with 'Rule ID: 340001 Alert Message: Atomicorp.com WAF Rules: Dis-allowed Transfer Encoding - modsecurity does not support this encoding and can not detect attacks using it, therefor…')
 
m
 
(5 intermediate revisions by one user not shown)
Line 1: Line 1:
Rule ID: 340001
+
'''Rule ID'''
  
Alert Message:  Atomicorp.com WAF Rules: Dis-allowed Transfer Encoding - modsecurity does not support this encoding and can not detect attacks using it, therefore it is blocked.
+
340001
  
Description:  modsecurity, the WAF used, does not support Transfer Encoding, therefore it can not see or evaluate any traffic encoded in this manner.  If an attack were to be encoded in this way the WAF would not catch it, therefore the WAF is configured to block this traffic.
+
'' Status'''
 +
 
 +
Inactive.  If you are getting this alert, it means your rules are very out of date.  This rule is no longer required.
 +
 
 +
'''Alert Message''' 
 +
 
 +
Atomicorp.com WAF Rules: Dis-allowed Transfer Encoding - modsecurity does not support this encoding and can not detect attacks using it, therefore it is blocked.
 +
 
 +
'''Description'''  
 +
 
 +
modsecurity, the WAF used, does not support Transfer Encoding, therefore it can not see or evaluate any traffic encoded in this manner.  If an attack were to be encoded in this way the WAF would not catch it, therefore the WAF is configured to block this traffic.
 +
 
 +
'''False Positives'''
 +
 
 +
None.  This does not have any known false positives.  If it triggers it means Transfer Encoding is being used.  If you allow Transfer Encoding by disabling this rule you will open your system up to attacks that ASL can not detect or prevent.
 +
 
 +
'''Similar Rules'''
 +
 
 +
[[WAF_340362]]

Latest revision as of 05:47, 16 May 2012

Rule ID

340001

Status'

Inactive. If you are getting this alert, it means your rules are very out of date. This rule is no longer required.

Alert Message

Atomicorp.com WAF Rules: Dis-allowed Transfer Encoding - modsecurity does not support this encoding and can not detect attacks using it, therefore it is blocked.

Description

modsecurity, the WAF used, does not support Transfer Encoding, therefore it can not see or evaluate any traffic encoded in this manner. If an attack were to be encoded in this way the WAF would not catch it, therefore the WAF is configured to block this traffic.

False Positives

None. This does not have any known false positives. If it triggers it means Transfer Encoding is being used. If you allow Transfer Encoding by disabling this rule you will open your system up to attacks that ASL can not detect or prevent.

Similar Rules

WAF_340362

Personal tools