[Snort-users] Is this an exploit attempt - or normal activity?

CasperLinux CasperLinux at ...5068...
Wed Feb 15 04:49:11 EST 2006

Events between  02 14 06:29:19  and  02 15 01:56:52
   14  66.177.117.xxx   192.xxx.x.x     (http_inspect) OVERSIZE REQUEST-URI 

I've tried to look this up but can not really determine.  I did report the IP 
to Comcast but they don't respond (not that I expected them to).  This same 
IP is nearly 100% of the source of my "intrusion" detection for this same 
activity.  I have checked the apache logs but do not see anything that I 
would consider as a smoking gun.

Is this an issue or can I ignore this?

- Powered by Debian Linux - 

More information about the Snort-users mailing list