mirror of https://github.com/OISF/suricata
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4713ce44c2
Ticket: #4569
If a FIN+SYN packet is sent, the destination may keep the
connection alive instead of starting to close it.
In this case, a later SYN packet will be ignored by the
destination.
Previously, Suricata considered this a session reuse, and thus
used the sequence number of the last SYN packet, instead of
using the one of the live connection, leading to evasion.
This commit errors on FIN+SYN so that they do not get
processed as regular FIN packets.
(cherry picked from commit
|
4 years ago | |
|---|---|---|
| .. | ||
| Makefile.am | 7 years ago | |
| app-layer-events.rules | ||
| decoder-events.rules | 5 years ago | |
| dhcp-events.rules | ||
| dnp3-events.rules | ||
| dns-events.rules | ||
| files.rules | ||
| http-events.rules | 7 years ago | |
| ipsec-events.rules | ||
| kerberos-events.rules | ||
| modbus-events.rules | ||
| nfs-events.rules | ||
| ntp-events.rules | ||
| smb-events.rules | 6 years ago | |
| smtp-events.rules | 6 years ago | |
| stream-events.rules | 4 years ago | |
| tls-events.rules | ||