Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
lraaicfdb
Contributor

Threat Emulation failure "Gzip exceeded maximum decompression ratio"

Hello everyone,
our security gateway is currently blocking Google pages from time to time. Threat emulation is stopping traffic with the error: HTTP parsing error occurred - Gzip exceeded maximum decompression ratio.

However, gzip is excluded in the Threat Emulation Blade. Can someone explain the error to me? What decompression ratio are we talking about here?

Thank you!

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

gzip in Threat Emulation refers to files with .gz.
What this is referring to is the gzip compression that web servers sometimes do as part of the HTTP connection.

HTTP Parsing Errors are usually triggered by specific inspection settings.
There appears to be one for this:

image.png

I don't believe disabling this option is a good idea.
I would check with TAC here.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events