Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 IP:ESP-RUNT

Severity

 Info

Recommended

 No

Category

 IP

Release Date

 2006/07/12

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

IP: ESP Runt


This signature detects ESP packets that are too short to contain a valid payload. ESP is a tunneling protocol and therefore should contain payload data. Sending an empty ESP packet is anomalous and therefore suspect. An attacker could be probing your IPSEC gateways for vulnerabilities. If you do not use IPSEC, this signature is not recommended.

Extended Description

None

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out