[Snort-users] IIS Unicode attack

Keith McDuffee keith.mcduffee at ...770...
Thu Jan 25 13:34:46 EST 2001


With Snort 1.7 running on OpenBSD 2.6, I'm getting an awful lot of "IIS
Unicode attack detected" triggers in my log files when people are visiting
legit sites.  What's the easiest way just to turn this off besides (I
assume) turning off http decoding?

Thanks,

Keith





More information about the Snort-users mailing list