| Message Code | PIX-4-415012 |
| Severity | Warning |
| Description | internal_sig_id HTTP Deobfuscation signature detected - action HTTP deobfuscation detected IPS evasion technique from source_address to source_address. |
| Explanation | This message is issued when the http-map strict-http command is configured and an HTTP evasion technique is detected. internal_sig_id: This an internal “policy number” that can be used by developers to identify the specific policy that triggered the alert. action: This can contain either: “Reset -” or “Drop -” depending upon the user-configured action. If the action is “log” then the null string "" is passed. source_address: The source address of the packet in which the obfuscation was detected. dest_address: The destination address of the packet in which the obfuscation was detected. |
| User Action | Hackers obfuscate URLs in an attempt to bypass security checks. This message indicates an attack. |
| Reference Links |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.