Project

General

Profile

Actions

Bug #7264

closed

detect/flow: ACK with data on 3whs fails to match 'flow:established'

Added by Victor Julien 2 months ago. Updated about 2 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

In case the ACK in the 3 way handshake is missing, and the 3whs is instead completed by an ACK with data, rules using `flow:established` will not match on that packet, even though they should.


Subtasks 1 (0 open1 closed)

Bug #7265: detect/flow: ACK with data on 3whs fails to match 'flow:established' (7.0.x backport)ClosedVictor JulienActions
Actions

Also available in: Atom PDF