[Snort-users] WEB-MISC long basic authorization string
Rgreddy1 at ...4101...
Mon Nov 26 23:58:02 EST 2001
We are running snort on linux. I am getting so many "WEB-MISC long
basic authorization string" alerts. I notice that for all these messages the
destination ip is our proxy server ( for accessing the internet). The number
of hits from various ips to our proxy server which result in "WEB-MISC long
basic authorization string" alert range from 21 to 500. What could be wrong
? Do I need to change the security policy at proxy server ?
More information about the Snort-users