Rule

--
Sid
111-22

--
Summary:
This event is generated when the stream4 preprocessor detects anomalous network traffic.

--
Impact:
Unknown. This is an indication of anomalous behaviour between networked assets.

--
Detailed Information:
This event is generated when the stream4 preprocessor detects anomalous network traffic.

In particular, the preprocessor has detected that the limit on the number of overlapping TCP packets has been reached.

--
Affected Systems:
All networked systems.

--
Attack Scenarios:


--
Ease of Attack:
Simple.

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:


--
Contributors:
Sourcefire Vulnerability Research Team


--
Additional References:


--
