Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 1240 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Http uploads using PHP

elnuevopajaro
Hi,

I am using ASL 6 and has some problems with uploading via http using PHP scripts on my server within ASL where anything larger than 2MB will be corrupted somehow. I thought it was an apache/php problem but i had eradicated all. So i am suspecting ASL because i tried several locations outside ASL and had
this problem while there isnt any problem when i try
it on the LAN within ASL and it's not a browser issue.

Thus, i would like to know where is the place likely that ASL will
deny/filter http uploads and also anywhere with regards to packet
fragmentation? I certainly didnt see anything worthy in livelog.

Thanks


This thread was automatically locked due to age.
Parents
  • 0
    I actually saw this in intrusion protection live log:
    2006:01:17-02:16:59 (none) snort[21160]: [119:16:1] (http_inspect) OVERSIZE CHUNK ENCODING  {PROTO006} 202.156.6.36:30403 -> 192.168.1.6:80
    2006:01:17-02:16:59 (none) snort[21160]: [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING  {PROTO006} 202.156.6.36:30403 -> 192.168.1.6:80
    2006:01:17-02:17:24 (none) snort[21160]: [119:15:1] (http_inspect) OVERSIZE REQUEST-URI DIRECTORY  {PROTO006} 202.156.6.36:30403 -> 192.168.1.6:80 where 192.168.1.6 is the http server in question
  • 0 in reply to elnuevopajaro
    Well, you can disable that rule in the IPS, if it's set to BLOCK.

    Also, the Squid http proxy configuration may not be letting you upload large files.

    Barry
  • 0 in reply to BarryG
    Can anyone tell mi where n what are the rules that causes these? I cant find them in intrusion protection even via search string
Reply Children