Video Screencast Help

Denial of Service "IP Fragmentation Overlap" attack detected.

Created: 09 Apr 2014 | 4 comments

Hi,

We are reciving "Denial of Service "IP Fragmentation Overlap" attack detected." alerts on number of PC's. Are these false positive alerts?

Operating Systems:

Comments 4 CommentsJump to latest comment

Brɨan's picture

What is the source IP? Internal or external?

What's the exact version of SEP you're running?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Kumar K's picture

Hi Brian,

It's internal. It's a network device.

SEP verions is 12.1.2015.2015

Brɨan's picture

Unless the device is improperly configured, it could be a legit alert

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Kumar K's picture

Hi Brian,

This is where I am stucking. It's a network device, why it is sending these type of alerts.

Earlier, it was a known issue for SEP 11.0.6 and earlier version. But we are using SEP 12.1 RU2 and it is resolved in this version.