Difference between revisions of "HIDS 60141"
(Created page with "'''Rule ID''' 60141 '''Status''' Active rule currently published. '''Alert Message''' '''Description''' ASL does not cause this event. ASL is simply reporting wh...") |
Latest revision as of 14:36, 27 June 2017
Rule ID
60141
Status
Active rule currently published.
Alert Message
Description
ASL does not cause this event.
ASL is simply reporting when apache reports that a client has requested part of a file, document, etc. that is invalid. For example, the client asked for the 1800th-1900th bytes of a document, but the document was only 200 bytes long. This may indicate an attempt to carry out a denial of service attack, or the client may simply be trying to access files that have changed in size since the last request and client is using out of date cached data.
This rule does not block anything by default.
False Positives None.
It is not recommended that you disable this rule if you have a false positive. If you believe this is a false positive, please report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page. If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
Tuning Guidance
None.
Similar Rules
None.
Knowledge Base Articles
None.
Outside References
None.