What does this message mean? It looks like an attack . I have found some messages in forums that suggests that no action is required since the IDS locked the attack. Is that true for any IDS Alert? I have a lot of messages with different attacks (I attach the latest). Thanks a lot. [INTERFACE]: PHP IDS Alert.Total impact: 15<br/> Affected tags: dt, id, lfi<br/> <br/> Variable: GET.controller | Value: ../../../../../../../../etc/passwd<br/> Impact: 15 | Tags: dt, id, lfi<br/> Description: Detects basic directory traversal | Tags: dt, id, lfi | ID 10<br/> Description: Detects specific directory and path traversal | Tags: dt, id, lfi | ID 11<br/> Description: Detects etc/passwd inclusion attempts | Tags: dt, id, lfi | ID 12<br/> <br/>
This means that the Intrusion Detection system successfully detected a directory traversal attack against your server, so your system is safe. Correct. It's the purpose of the IDS to detect and prevent such attacks and that's what it did successfully, so no further action is needed.
