HIDS 40106

From Atomicorp Wiki
Jump to: navigation, search
Rule 1
Status Active
Alert Message audit failure event

Contents

Description

Possible buffer overflow attempt

What you should do

This is an anomaly detection event. The service has logged an unusual request containing "@@@@@@@@@@@@@@@@@@@@@@@@". This could be padding indicating a stack overflow attack, or a very misconfigured application.

Troubleshooting

False Positives

There are no false positives with this rule.

Tuning Guidance

There is no guidance for tuning this rule, this is a generic error and the rule should not be disabled.

Additional Information

Support

If you are unsure about how to respond to this alert, please contact Atomicorp support. We're here to help you!

Similar Rules

None.

Knowledge Base Articles

None.

Outside References

None.

Notes

Personal tools