[Oisf-users] Suricata 1.4 Checksums only checked for TCP packets?
Vincent Fang
vincent.y.fang at gmail.com
Tue Jan 29 16:56:30 UTC 2013
I couldn't find these keywords in the online documentation. Do these go in
the suricata.yaml and what's the format to enable these modes?
On Tue, Jan 29, 2013 at 5:22 AM, Victor Julien <lists at inliniac.net> wrote:
> On 01/28/2013 08:52 PM, Vincent Fang wrote:
> > I was reading through the online documentation and it only indicates
> > that it verifies the checksums for TCP packets. What about UDP or IP
> > checksums?
>
> The TCP engine checks TCP checksums for by default to prevent various
> TCP reassembly evasion issues. Other checksums can be checked by using
> the ipv4-csum, tcpv4-csum, tcpv6-csum, udpv4-csum, udpv6-csum,
> icmpv4-csum and icmpv6-csum keywords.
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> OISF: http://www.openinfosecfoundation.org/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20130129/d8bc378c/attachment-0002.html>
More information about the Oisf-users
mailing list