Experimental TCP options

  • I have been running Snort in IPS mode on my firewall for quite some time now but am just now getting some more false positives from my users that are being blocked by "Experimental TCP Options".  Can anyone provide any insight to why they are being blocked when doing normal browsing?  I have not been able to see where this setting is located as I only have SQL.rules checked.


Log in to reply