Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 MS-RPC:ERR:FRAG-LEN-TOO-SMALL

Severity

 High

Recommended

 Yes

Category

 MS-RPC

Release Date

 2004/02/24

Update Number

 1213

Supported Platforms

 di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

MS-RPC: Frag Length Too Small


This protocol anomaly is a Microsoft Remote Procedure Call (MSRPC) fragment length that is less than the common header length. Detecting this anomaly can indicate a malicious user might be attacking your system.

Extended Description

An anomaly exists if an MSRPC message fragment length is less than the TCP packet header length, and should be detected.

References

  • URL: http://windowssdk.msdn.microsoft.com/en-us/library/ms719418.aspx
  • URL: http://www.faqs.org/rfcs/rfc1050.html
  • URL: http://en.wikipedia.org/wiki/MSRPC

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out