[Bro] Overlaps Question
Adayadil Thomas
adayadil.thomas at gmail.com
Mon Aug 11 12:11:15 PDT 2008
Hello and Greetings !
I have a question on overlaps - TCP segment overlaps and IP fragments
overlap - how common they are
and how legitimate?
AFAIK, TCP segmentation overlaps can be seen in normal traffic and by
themselves cannot be deemed
malicious.
Is IP fragmentation overlap abnormal always? What is a scenario when
this can happen in a normal scenario?
Thanks in advance for the reply !
More information about the Bro
mailing list