Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX] How to change the value of the IDP sensor setting.

0

0

Article ID: KB31224 KB Last Updated: 03 Nov 2016Version: 1.0
Summary:

This article explains how to change the IDP sensor setting on an SRX when you need to modify the value for an IDP signature.

Symptoms:

Some IDP signatures allow users to modify certain values. The documentation for this is available for SA-IDP and ISG IDP. For example, the following paragraph is found in HTTP: URL Overflow.

“This protocol anomaly triggers when an HTTP request with a URL that exceeds the length threshold is detected. This can be an attempt to overflow the server. Default value: 1024. You can set the HTTP request length threshold to a higher or lower value. In IDP Manager: Select a security policy from Security Policies, then select the Sensor Settings tab. Select Protocol Thresholds and Configuration > HTTP. In Netscreen-Security Manager: In the device navigation tree select Security > IDP SM Settings, then select the Protocol Thresholds and Configuration tab. Under HTTP, click the Show button. Set the Maximum Request length to the new value and click OK.”

However, the information is not available for SRX IDP.

Note: Refer to Signatures documentation for more information.

Solution:

Use the following command to change the value for SRX:

root@SRX# set security idp sensor-configuration detector protocol-name HTTP tunable-name sc_http_request_length tunable-value 2048

[edit]
root@SRX# show security idp sensor-configuration
detector {
     protocol-name HTTP {
          tunable-name sc_http_request_length {
               tunable-value 2048;
          }
     }
}
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search