[Oisf-users] Suricata 1.4 Checksums only checked for TCP packets?
Victor Julien
lists at inliniac.net
Tue Jan 29 10:22:33 UTC 2013
On 01/28/2013 08:52 PM, Vincent Fang wrote:
> I was reading through the online documentation and it only indicates
> that it verifies the checksums for TCP packets. What about UDP or IP
> checksums?
The TCP engine checks TCP checksums for by default to prevent various
TCP reassembly evasion issues. Other checksums can be checked by using
the ipv4-csum, tcpv4-csum, tcpv6-csum, udpv4-csum, udpv6-csum,
icmpv4-csum and icmpv6-csum keywords.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list