[Snort-users] TCP header length exceeds packet length
usebsd at ...953...
Mon Nov 3 14:15:11 EST 2003
Erik Nyman wrote:
> I'm testing a tool built by extol
> (http://www.extol.com.my/news/warning/other/blaster_detection.htm) but I get
> this warning message that I don't understand.
> WARNING: TCP Header length exceeds packet length!
> I have searched for an explanation, but I can't find any.
> Anyone that can explain what to do about the PC that sends these packets?
May be the IP length has been written in host format instead of network
format (so that would be a bug...?)
Are the ports set to zero or are they valid ports?
More information about the Snort-users