Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
419
Views
0
Helpful
1
Replies

false negative for syn ack scan

darin.marais
Level 4
Level 4

‎11-14-2006 05:47 AM - edited ‎03-10-2019 03:19 AM

Our sensors are false negative on all syn ack scans that are received. Is there a signature current on the ids that will capture the following?

1 2006-11-14 14:27:04.287620 202.103.178.165 my.net.163.77 TCP http > 21129 [SYN, ACK] Seq=0 Ack=0 Win=0 Len=0 MSS=0

cut

10 2006-11-14 14:27:06.868677 202.103.178.165 my.net.251.125 TCP http > 606 [SYN, ACK] Seq=0 Ack=0 Win=0 Len=0 MSS=0

Labels:
0 Helpful
1 Reply 1
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card