Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
The VMware SD-WAN Edge appliance received packets potentially part of an IP Fragmentation attack or indicating an MTU mismatch. An IP fragmentation attack is a cyberattack that exploits how IP packets are fragmented and reassembled. IP fragmentation is a process by which large IP packets are broken down into smaller packets to transmit them over networks with smaller Maximum Transmission Unit (MTU) sizes. Attackers can exploit IP fragmentation in various ways, for example, Denial-of-service at
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | VMware SASE |
| ID | ce207901-ed7b-49ae-ada7-033e1fbb1240 |
| Severity | Low |
| Kind | Scheduled |
| Tactics | Impact, DefenseEvasion |
| Techniques | T1498, T1599 |
| Required Connectors | VMwareSDWAN |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
Syslog |
SyslogMessage contains "VCF Drop"SyslogMessage contains "packet too big" |
✓ | ✓ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊