Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
TCP:OPTERR:BAD-LENGTH |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop Packet |
Category |
TCP |
Keywords |
Options Error Bad Option Length |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
TCP: Options Error Bad Option Length
This protocol anomaly triggers when it detects an option with a specified length that differs from the TCP specification. Because this can indicate an exploit attempt, it is recommended to drop these packets.
Extended Description
An IP packet with an option section that does not follow RFC 793 length specifications constitutes a protocol anomaly. Detection of this condition could indicate a network configuration error or that an attack involving the injection of malformed IP packets is underway.
References