Chapter 29: Unclassified
• Established TCP Connection, page 331
• Incomplete virtual protocol, page 331
• Malformed virtual protocol, page 332
• Unknown virtual protocol, page 332
29.1. Established TCP Connection
The Established protocol is a virtual protocol grouping all TCP connections already established
before starting analyzing the traffic (no SYNC).
Family: Standard
Over: tcp
Revision: 17
Risk level: 1
Tag: Not Used
29.2. Incomplete virtual protocol
Incomplete is used when the protocol signature is too long.
Family: Standard
Over: eth
Over: ip
Over: ip6
Over: isl
Over: llc
Over: ppp
Over: pppoe
Over: sctp
Over: snap
Over: udp
Revision: 18
Risk level: 1
331
To Next Page
Loading...
