In same stream,Multiple post requests use same URL and the response responds to 200 OK ; The first 10 bytes of two consecutive post request_bodies are the same;
if suricata rule or rule script can deel with the problem ?
Or zeek engine ?
In same stream,Multiple post requests use same URL and the response responds to 200 OK ; The first 10 bytes of two consecutive post request_bodies are the same;
if suricata rule or rule script can deel with the problem ?
Or zeek engine ?
How would you like to deal with the problem overall? It’s not quite clear what you want to achieve in detail.
