pfsense:suricata:alerts:suricata_stream_timewait_ack_with_wrong_seq
PFSense - Suricata - Alerts - SURICATA STREAM TIMEWAIT ACK with wrong seq
The ack is the acknowledgement of the receipt of all previous (data)-bytes sent by the other side of the TCP-connection.
In most occasions every packet of a TCP connection has an ACK flag after the first SYN and a ack-number which increases with the receipt of every new data-byte.
Here, that ack-number sequence is not an incremental of the previous ack-number.
Suppress
#SURICATA STREAM TIMEWAIT ACK with wrong seq suppress gen_id 1, sig_id 2210042
pfsense/suricata/alerts/suricata_stream_timewait_ack_with_wrong_seq.txt · Last modified: 2021/01/15 00:29 by peter