HTTP transfer can take place either by requesting the direct file (example: http://somedomain.com/virus.exe), which is very easy for IDS systems or by serving the file from a dynamic server script (php) using the "attachment" content disposition mime type.

Example of http request of url direct file request using tcpdump:

.UL.....GET /nginx/download.exe HTTP/1.1
Host: 82.78.227.176
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:12.0) Gecko/20100101 Firefox/12.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Connection: ...

Starting with Junos 11.4, IDP uses a hardware component to compile policy. This provides some advantages over the software compiler ("idpd" process on control plane):
- faster compile time.
- resulted policy memory footprint is ~80% smaller.
- some minor bugs that Juniper will fix in next releases.

When using custom signatures, one common mistake is forgetting to close the case insensitive denoting brackets ( \ ).

This will result in a JPME error: ...