Hi, > In SmartView Tracker I can see that it got dropped by SmartDefense with > the same info as before: > > > > Attack Bad TCP sequence > > > Attack Information SYN retransmit with different windows scale > > I seem to only get this problem with the 131.107.115.28 which is a > server Microsoft uses for CRL verification I think.
One last thing I did was to capture this and look at it in wireshark. It was 9 packets and 1-8 had the following in TCP options: Window scale: 2 (multiply by 4) The last packet however didn't have this. I don't really know what that is, but that is the error I see in the tracker also. Regards, Torkel Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
