Project

General

Profile

Actions

Bug #1858

closed

Lots of TCP 'duplicated option/DNS malformed request data' after upgrading from 3.0.1 to 3.1.1

Added by . . over 8 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
High
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Running:
CentOS 7.2.1511 (Core)
Suricata 3.1.1 RELEASE w/ libpcap

After upgrading from 3.0.1 to 3.1.1 i am seeing tons of "TCP duplicated option" and "DNS malformed request data" events which is creating a log of noise on my dashboard.

I noticed suricata.yaml received an overhaul, i already migrated my old config to the (rpm)new one (in case some defaults had been changed) but to no avail.

What am i missing here, except disabling the rules/adding a threshold, to get rid of this?

Actions

Also available in: Atom PDF