Firewall Wizards mailing list archives
TCP segments with overlapping data
From: miedaner <miedaner () mold appliedtheory com>
Date: Mon, 03 Dec 2001 18:37:14 -0500
Hi All, I am getting IDS messages that say that there are TCP segments with overlapping data. The vendor indicates the following: "Data in TCP connections is broken into packet-sized segments for transmission. The target host must reassemble these segments into a contiguous stream to deliver it to an application." Besides my confusion on the language here... Has anybody seen this? My question is what is TCP overlapping data? Assuming a layer 2 problem: Is it that the offset in the IP header is overlapping for a packet with the same ID? What is the vulnerability associated? _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- TCP segments with overlapping data miedaner (Dec 04)
- Re: TCP segments with overlapping data Ng Pheng Siong (Dec 05)
- <Possible follow-ups>
- Re: TCP segments with overlapping data Vern Paxson (Dec 05)