Excellent write up. Would you put this rule in the local_rules or web_rules file?
Cheers, Mike -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Michael Starks Sent: Sunday, August 28, 2011 12:42 PM To: [email protected] Subject: [ossec-list] Detecting the Apache Range Header DoS Attack http://www.immutablesecurity.com/index.php/2011/08/28/detecting-the-apache-range-header-dos-attack-with-ossec/ Testing of the rules and feedback appreciated.
