[Bro] Overlaps Question

[Adayadil Thomas]

Hello and Greetings !

I have a question on overlaps - TCP segment overlaps and IP fragments
overlap - how common they are
and how legitimate?

AFAIK, TCP segmentation overlaps can be seen in normal traffic and by
themselves cannot be deemed
malicious.

Is IP fragmentation overlap abnormal always? What is a scenario when
this can happen in a normal scenario?

Thanks in advance for the reply !