[Oisf-users] Lots of "TCP duplicated option" (SID 2200037) since upgrade to 3.1.1
Brian Keefer
chort at effu.se
Mon Jul 25 18:15:56 UTC 2016
I’m curious if anyone else has run into this. Previously I was on 3.0 RC (I don’t remember which one exactly). Ever since I upgrade our sensors to 3.1.1-release I’ve been seeing hundreds of thousands of “TCP duplicated option” alerts per day. I’m in the process of pulling out some PCAPs to try to see what exactly is going on. It appears the vast majority are being generated by Ubuntu boxes running Postfix, and CentOS boxes running Nagios.
--
bk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160725/c58b80ea/attachment.sig>
More information about the Oisf-users
mailing list