Snort mailing list archives

upgrade from snort 2.0.1 -> 2.1.2: guardian blocks common http access


From: "Walter Joman" <eiskalt007 () hotmail com>
Date: Thu, 08 Apr 2004 02:25:26 +0200

hi all,

i've upgraded snort from 2.0.1 to 2.1.2, now guardian blocks lots of common/normal http-requests. mostly (sh)it happens when posting request in phpmyadmin or horde-frameset, but even on normal "website-surfin'"

the most common outputs of snort/guardian are:

(http_inspect) OVERSIZE REQUEST-URI DIRECTORY

and

(http_inspect) BARE BYTE UNICODE ENCODING

and

(http_inspect) APACHE WHITESPACE (TAB)

and finally

(http_inspect) NON-RFC HTTP DELIMITER

should I disable these rules? why does this happen?

thank you all for ur participation.

andreas
