Code: p158 Severity: Notice
Description: HTTP HEAD request and the request GET are similar. Head CGI is often used for scanning, thereby evade IDS system. If there are many Head request, should pay more attention. Impact: Any web server. Corrective: HTTP HEAD request is likely to imply that an attacker trying to bypass the IDS. Checks web address to determine whether the request is suspicious HEAD.
|
