Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
980
Views
0
Helpful
0
Replies

Event generation on high ports of the signature DCE2_EVENT__CO_FRAG_GT_MAX_XMIT_FRAG (133:35:2)

SupportAC
Level 1
Level 1

‎05-24-2021 04:09 AM

Hi,

 

DCE2_EVENT__CO_FRAG_GT_MAX_XMIT_FRAG signature events are being generated, and when reviewing it we see that the detected traffic is on high ports, both in origin and destination. According to the rule the traffic it inspects is ICMP.

Are we interpreting it wrong, what does this rule check?

 

Thanks.

Preview file
85 KB
Preview file
32 KB
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card