Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	ICMP:EXPLOIT:DIFF-LEN-IN-RESND
Severity	Major
Recommended	No
Category	ICMP
Release Date	2003/08/27
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

ICMP: Echo Request Resent w/Different Length

This protocol anomaly triggers when it detects an ICMP echo request retransmission (for example, with the same ID and sequence numbers) with different data length. This can indicate data tunneling over ICMP.

Extended Description

Matched ICMP ECHO REQUEST and ECHO REPLY packets whose data do not match are protocol anomalies. Their presence could indicate that a transmission error has occurred, or that data tunneling over ICMP is taking place.

References

URL: http://www.faqs.org/rfcs/rfc792.html
URL: https://www2.juniper.net/security/auto/vulnerabilities/vuln2069.html

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Category

Release Date

Update Number

Supported Platforms

ICMP: Echo Request Resent w/Different Length

Extended Description

References