diff --git a/mmt-security.conf b/mmt-security.conf index d1ed64f..394c780 100644 --- a/mmt-security.conf +++ b/mmt-security.conf @@ -1,5 +1,5 @@ # maximum size, in bytes, of a report received from mmt-probe -input.max_message_size 32824 +input.max_message_size 3000 # number of fsm instances of one rule security.max_instances 100000 diff --git a/rules/108.http2_payload_fuzzing.xml b/rules/108.http2_payload_fuzzing.xml index 339e253..3deb773 100644 --- a/rules/108.http2_payload_fuzzing.xml +++ b/rules/108.http2_payload_fuzzing.xml @@ -15,19 +15,19 @@ static bool em_check_fuzzing(int payload_length, const char* payload, double pac //char*data; //data=(char*)payload_data; - printf("payload length %d \n",payload_length); + //printf("payload length %d \n",payload_length); bool result=false; for (int i = 9; i < payload_length + 9 ; i++) { //printf(" %02hhX ",payload[i]); - printf(" %c",payload[i]); + //printf(" %c",payload[i]); if((payload[i]=='\\')|| payload[i]=='#' || (payload[i]=='%') || (payload[i]=='$')){ result=true; - printf( " Rule 98:Recognized suspect fuzzing. Length %d %f\n",payload_length,packet_id); + // printf( " Rule 98:Recognized suspect fuzzing. Length %d %f\n",payload_length,packet_id); break; } } - printf("\n"); + //printf("\n"); return result; } diff --git a/rules/80.nas_suci_attack.xml b/rules/112.nas_suci_attack.xml similarity index 97% rename from rules/80.nas_suci_attack.xml rename to rules/112.nas_suci_attack.xml index 960b403..59d6a60 100644 --- a/rules/80.nas_suci_attack.xml +++ b/rules/112.nas_suci_attack.xml @@ -50,7 +50,7 @@ static inline bool em_5g_check_msg_throughput( const void *data ){ return (counter >= limit_5g_suci_requests_per_ms); } ]]> -