Difference between revisions of "HIDS 60128"
From Atomicorp Wiki
(Created page with "{{Infobox |header1= Rule 60128 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Denied an untrusted non system library binary from hooking an application }} ...") |
Latest revision as of 10:53, 17 October 2014
| Rule 60128 | |
|---|---|
| Status | Active |
| Alert Message | Denied an untrusted non system library binary from hooking an application |
Contents |
[edit] Description
This event is not caused by ASL. ASL is just reporting when apache has rejected a request with a "Forbidden" 403 error message.
This rule is triggered when apache blocks a request as forbidden, and sends a 403 error. This is not caused by ASL, or any other rule. This rule just reports when apache has blocked a request.
You should investigate this event as it may be part of a broader attack.
[edit] Troubleshooting
[edit] False Positives
None. This rule just reports when apache has blocked a request. This block is not caused by this rule, any other rule, or ASL. Disabling this rule will not prevent apache from blocking these requests, it will just prevent ASL from reporting that this has happened.
[edit] Additional Information
[edit] Similar Rules
None.
[edit] Knowledge Base Articles
None.
