Snort mailing list archives
Re: TCP header length exceeds packet length
From: mouss <usebsd () free fr>
Date: Mon, 03 Nov 2003 23:14:44 +0100
Erik Nyman wrote:
Hi! I'm testing a tool built by extol (http://www.extol.com.my/news/warning/other/blaster_detection.htm) but I get this warning message that I don't understand. WARNING: TCP Header length exceeds packet length! I have searched for an explanation, but I can't find any. Anyone that can explain what to do about the PC that sends these packets?
May be the IP length has been written in host format instead of network format (so that would be a bug...?)
Are the ports set to zero or are they valid ports? ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- TCP header length exceeds packet length Erik Nyman (Nov 03)
- Re: TCP header length exceeds packet length Phil Wood (Nov 03)
- <Possible follow-ups>
- TCP header length exceeds packet length Erik Nyman (Nov 03)
- Re: TCP header length exceeds packet length mouss (Nov 03)