4. SURICATA UDPv6 invalid checksum

SURICATA UDPv6 invalid checksum

  • T

    I am getting loads of blocks in Suricata,

    06/16/2018-20:24:09.762839  [Block Dst] [**] [1:2200078:2] SURICATA UDPv6 invalid checksum [**] [Classification: Generic Protocol Command Decode] [Priority: 3]

    I have enabled "Disable hardware checksum offload" in Advanced>Networking>Hardware Checksum Offloading which seems to have gotten rid of "SURICATA UDPv4 invalid checksum". But this IPV6 checksum still comes up.

    My system is Supermicro A2SDi-4C-HLN4F running Intel X553 nics.

    0
    T
     1 Reply
  • T

    @trumee
    I think we ended disabling the entire stream-events.rules ruleset to avoid these errors. IIRC if you are in legacy mode the packets can be scanned out of order and trigger false positives.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy