Er.... You really shouldn't be using your IDS to surf the web etc. I kinda defeats the purpose of the IDS. It needs to be secure, browsing the web makes it insecure..... 'nuff said?

127.0.0.1 should not be alerted upon, create a "pass rule" for 127.0.0.1 and it will be ignored.

NOTE: Be careful with "pass" rules, they can bite you in the ass.

The directory traversal attack is where the attacker tries, through various means, to move up the directory tree and then often back down again to another directory. kinda like issuing a:-

cd\ <ENTER>
cd winnt\system32 <ENTER>

and then attemting to execute cmd.exe for example.

If the target's permissions are correctly set a 404 will be returned, if not then you are in trouble because your permissions will allow execution of any application the attacker wishes that can be executed with command line switches and the output can be returned to the attacker.