[Zeek] Help to detect CVE-2019-11479
Zer0d0y
zer0d0y at foxmail.com
Mon Jul 1 08:19:42 PDT 2019
Hi all,
Recently,Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels. (#CVE-2019-11479 : Excess Resource Consumption Due to Low MSS Values (all Linux versions)
We want to detecting this flaw with Zeek,but looks like there's no way to get the MSS(Maximum segment size) value of TCP Option,any ideas?
Thanks,
------------------
Zer0d0y
Threat Detection & Hunting
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20190701/c7901c3c/attachment.html
More information about the Zeek
mailing list