HIDS 60141

From Atomicorp Wiki
Revision as of 15:36, 27 June 2017 by Mshinn (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Rule ID



Active rule currently published.

Alert Message


ASL does not cause this event.

ASL is simply reporting when apache reports that a client has requested part of a file, document, etc. that is invalid. For example, the client asked for the 1800th-1900th bytes of a document, but the document was only 200 bytes long. This may indicate an attempt to carry out a denial of service attack, or the client may simply be trying to access files that have changed in size since the last request and client is using out of date cached data.

This rule does not block anything by default.

False Positives None.

It is not recommended that you disable this rule if you have a false positive. If you believe this is a false positive, please report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page. If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.

Tuning Guidance


Similar Rules


Knowledge Base Articles


Outside References


Personal tools