Hi All,
I am analyzing some firewall logs in SIEM. I am totally new to this domain, just want to know
the concept of TCP reset flag.
As far as My understanding TCP reset flag will set if the connection got interrupted inbetween or
server unable to process the client request or duplicate request received from the client to the
server
Also on my payload I could able to see the TCP reset -I and TCP reset -O can anyone explain what
it mean ? do I need to take much attention on TCP reset -I and TCP reset -O.
No comments:
Post a Comment