Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	TCP:C2S:AMBIG:OLAP-MISMATCH
Severity	Critical
Recommended	No
Recommended Action	Drop Packet
Category	TCP
Release Date	2003/08/27
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

TCP: C2S Ambiguity Mismatching Overlapping Data

This protocol anomaly triggers when it detects a TCP segment retransmission from the client to server in which the retransmitted data differs from the original data. This is a common IDS evasion attack; do not allow these packets to pass IDP.

Extended Description

The impact depends on how the implementation handles this kind of anomalous packet.

References

URL: http://www.faqs.org/rfcs/rfc813.html
URL: http://www.opalsoft.net/qos/TCP-1010.htm

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Release Date

Update Number

Supported Platforms

TCP: C2S Ambiguity Mismatching Overlapping Data

Extended Description

References