fortiguard.fortinet.com Open in urlscan Pro
154.52.2.196  Public Scan

Submitted URL: http://www.fortinet.com/ids/VID26339
Effective URL: https://fortiguard.fortinet.com/encyclopedia/ips/26339
Submission: On December 18 via api from AE — Scanned from DK

Form analysis 2 forms found in the DOM

GET /search

<form action="/search" method="get" class="form-check d-none ng-pristine ng-valid">
  <span class="search_flat">
    <label for="search_field_header" class="visually-hidden" id="label-search_field-header">Search</label>
    <input id="search_field_header" type="text" class="search_field" placeholder="Search FortiGuard" name="q" required="required" autocomplete="off" aria-labelledby="label-search_field-header" value="">
    <button type="submit" value=" " class="btn btn-sm" aria-label="Submit your search">
      <img src="https://filestore.fortinet.com/fortiguard/static/images/icons_white/search.svg?v=32983" alt="search">
    </button>
    <div class="global_search-popup">
      <fieldset>
        <legend class="visually-hidden">Please select any available option</legend>
        <div class="form-check search-popup-item">
          <input type="radio" name="engine" id="all_home" class="form-check-input search-input-option" value="1" checked="checked" aria-checked="true">
          <label class="form-check-label search-input-label" for="all_home"> Normal </label>
        </div>
        <div class="form-check search-popup-item">
          <input type="radio" name="engine" id="exact_home" class="form-check-input search-input-option" value="2">
          <label class="form-check-label search-input-label" for="exact_home"> Exact Match </label>
        </div>
        <div class="form-check search-popup-item">
          <input type="radio" name="engine" id="cve_home" class="form-check-input search-input-option" value="3">
          <label class="form-check-label search-input-label" for="cve_home"> CVE </label>
        </div>
        <div class="form-check search-popup-item">
          <input type="radio" name="engine" id="threat_home" class="form-check-input search-input-option" value="4">
          <label class="form-check-label search-input-label" for="threat_home"> ID </label>
        </div>
        <div class="form-check search-popup-item">
          <input type="radio" name="engine" id="psirt_home" class="form-check-input search-input-option" value="6">
          <label class="form-check-label search-input-label" for="psirt_home"> PSIRT </label>
        </div>
        <div class="form-check search-popup-item">
          <input type="radio" name="engine" id="repms_home" class="form-check-input search-input-option" value="8">
          <label class="form-check-label search-input-label" for="repms_home"> Antispam </label>
        </div>
        <div class="form-check search-popup-item">
          <input type="radio" name="engine" id="outbreak-alert_home" class="form-check-input search-input-option" value="9">
          <label class="form-check-label search-input-label" for="outbreak-alert_home"> Outbreak Alert </label>
        </div>
        <div class="form-check search-popup-item">
          <input type="radio" name="engine" id="url_home" class="form-check-input search-input-option" value="7">
          <label class="form-check-label search-input-label" for="url_home"> IP/Domain/URL </label>
        </div>
      </fieldset>
    </div>
  </span>
</form>

GET /search

<form action="/search" method="get" class="mobile-search-form col-12  ng-pristine ng-valid">
  <div class="input-group">
    <select class="form-select" name="engine">
      <option value="1"> Normal </option>
      <option value="2"> Exact Match </option>
      <option value="3"> CVE </option>
      <option value="4"> ID </option>
      <option value="6"> PSIRT </option>
      <option value="8"> Antispam </option>
      <option value="9"> Outbreak Alert </option>
      <option value="7"> IP/Domain/URL </option>
    </select>
    <input id="search_field_header" type="text" class="form-control" placeholder="Search FortiGuard" name="q" required="required" autocomplete="off" aria-labelledby="label-search_field-header" value="">
    <button class="btn btn-sm btn-outline-secondary" type="submit">
      <img src="https://filestore.fortinet.com/fortiguard/static/images/icons_white/search.svg?v=32983" alt="search">
    </button>
  </div>
</form>

Text Content

 * Search
   Please select any available option
   Normal
   Exact Match
   CVE
   ID
   PSIRT
   Antispam
   Outbreak Alert
   IP/Domain/URL

 * Research
   
   
   RESEARCH CENTER
   
   Explore latest research and threat reports on emerging cyber threats.
    * Outbreak Alerts
    * Security Blog
    * Threat Signal

 * Services
   
   
   SERVICES
   
   By Outbreak By Solution By Product
   
   
   PROTECT
   
   Counter measures across the security fabric for protecting assets, data and
   network.
    * Anti-Botnet
    * AntiMalware
    * AntiSpam
    * Application Control
    * Intrusion Protection
    * Operational Technology Security
    * Sandbox Behavior Engine
    * Web Application Security
    * Web Filtering
   
   
   DETECT
   
   Find and correlate important information to identify an outbreak.Find and
   correlate
    * Anti-Recon and Anti-Exploit
    * Cloud Threat Detection
    * Endpoint Detection & Response
    * Indicators of Compromise
    * Outbreak Deception
    * Outbreak Detection
    * SOC Automation
   
   
   RESPOND
   
   Develop containment techniques to mitigate impacts of security events.Develop
   containment
    * Endpoint Detection and Response
    * Endpoint Forensics
    * Incident Response
   
   
   RECOVER
   
   Improve security posture and processes by implementing security awareness and
   training.
    * Assessment Services
    * NSE Training
    * Security Awareness Training
   
   
   IDENTIFY
   
   Identify processes and assets that need protection.Identify processes and
   assets that
    * Breach Attack Simulation
    * Cloud Vulnerability
    * Dynamic Application Security Testing
    * Endpoint Vulnerability
    * FortiDevSec
    * Inline-CASB Application Definitions
    * IoT Detection
    * Pen Testing
    * Recon: ACI
    * Recon: BP
    * Recon: EASM
    * Security Rating
   
   
    * NETWORK SECURITY
   
    * Anti-Botnet
    * Anti-Recon and Anti-Exploit
    * Cloud Vulnerability and Threat Detection
    * Data Loss Prevention
    * Indicators of Compromise
    * Inline-CASB Application Definitions
    * Internet Services
    * Intrusion Protection
    * IP Geolocation
    * Secure DNS
   
   
    * ENDPOINT SECURITY
   
    * ANN and NDR
    * AntiVirus
    * Endpoint Detection & Response
    * Endpoint Vulnerability
    * IoT Detection
    * Sandbox Behavior Engine
   
   
    * APPLICATION SECURITY
   
    * AntiSpam
    * Application Control
    * Client Application Firewall
    * Credential Stuffing Defense
    * Dynamic Application Security Testing
    * Operational Technology Security
    * Web Application Security
    * Web Filtering
   
   
    * SECURITY OPERATIONS
   
    * Breach Attack Simulation
    * FortiDevSec
    * Outbreak Deception
    * Outbreak Detection
    * Pen Testing
    * Security Rating
   
    * FortiGate
   
    * FortiAnalyzer
   
    * FortiClient
   
    * FortiWeb
   
    * FortiADC
   
    * FortiAuthenticator
   
    * FortiCNP
   
    * FortiDDoS
   
    * FortiDeceptor
   
    * FortiEDR
   
    * FortiMail
   
    * empty
   
    * FortiNDR
   
    * FortiPAM
   
    * FortiPolicy
   
    * FortiProxy
   
    * FortiRecon
   
    * FortiSandBox
   
    * FortiSASE
   
    * FortiSIEM
   
    * FortiTester
   
    * FortiDAST
   
    * FortiCNAPP
   
    * empty
   
    * Anti-Botnet
    * AntiVirus
    * Application Control
    * Inline-CASB Application Definitions
    * Intrusion Protection
    * IoT Detection
    * IP Geolocation
    * Operational Technology Security
    * Secure DNS
    * Security Rating
    * Web Filtering
   
    * Indicators of Compromise
    * Outbreak Detection
    * SOC Automation
   
    * Anti-Botnet
    * Anti-Recon and Anti-Exploit
    * AntiVirus
    * Application Firewall
    * Credential Stuffing Defense
    * Endpoint Vulnerability
    * Intrusion Protection
    * Outbreak Detection
    * Web Filtering
   
    * Anti-Botnet
    * AntiVirus
    * Application Control
    * Credential Stuffing Defense
    * Fuzzy Webshell
    * IP Geolocation
    * Web Application Security
   
    * Anti-Botnet
    * AntiVirus
    * Credential Stuffing Defense
    * Intrusion Protection
    * IP Geolocation
    * Web Application Security
    * Web Filtering
   
    * IP Geolocation
   
    * Anti-Botnet
    * Data Loss Prevention
    * IP Geolocation
    * Vulnerability
   
    * Anti-Botnet
   
    * Anti-Recon and Anti-Exploit
    * AntiVirus
    * Intrusion Protection
    * Outbreak Deception
   
    * AntiVirus
    * EndPoint Detection and Response
    * Endpoint Vulnerability
    * Indicators of Compromise
    * Web Filtering
   
    * AntiSpam
    * AntiVirus
    * Web Filtering
   
    * Network Detection and Response
   
    * AntiVirus
    * Data Loss Prevention
   
    * Anti-Botnet
    * Application Control
   
    * Anti-Botnet
    * Application Control
    * Industrial Security
   
    * Digital Risk Protection
   
    * AntiVirus
    * Intrusion Protection
    * Sandbox Behavior Engine
    * Web Filtering
   
    * Anti-Botnet
    * AntiVirus
    * Application Control
    * Data Loss Prevention
    * Endpoint Vulnerability
    * Intrusion Protection
    * Secure DNS
    * Web Filtering
   
    * Indicators of Compromise
    * IP Geolocation
    * Outbreak Detection
   
    * Breach Attack Simulation
   
    * Dynamic Application Security Testing
   
    * Cloud Threat Detection
    * Cloud Vulnerability

 * Threat Intelligence
   
   
   THREAT INTELLIGENCE
   CENTER
   
   Browse the FortiGuard Labs extensive encyclopedia and Threat Analytics.
    * Application Control
    * FortiGuard Encyclopedia
    * Outbreak Threat Map
    * Threat Actor Encyclopedia
    * Threat Analytics
    * Web Filtering
   
   
 * Support
   
   
   SUPPORT CENTER
   
   PSIRT Center Product Support
   Fortinet Product Security Incident Response Team (PSIRT) updates.
    * Advisories
    * PSIRT Blog
    * PSIRT Contact
    * Security Vulnerability Policy
   
   Get the support whenever you need it.
    * FortiCare Support
    * Fortinet Community

 * Resources
   
   
   RESOURCE CENTER
   
   Learn about service status, publications and other available resources.
    * FortiGuard Sample Files
    * MITRE ATT&CK Matrix
    * NIST Cybersecurity Framework
    * Publications
    * Security Best Practices
   
   
 * About
   
   
   ABOUT
   
   FortiGuard Labs Partners
   AI-Powered Threat Intelligence for an Evolving Digital World.
    * Contact Us
    * Premium Services
    * RSS Feeds
   
   Leveraging cyber security industry partner relationships.
    * Cyber Threat Alliance
    * MITRE Engenuity

 * 

 * Research
   * Outbreak Alerts
   * Security Blog
   * Threat Signal
 * Services
   * Anti-Botnet
   * Anti-Recon and Anti-Exploit
   * AntiMalware
   * AntiSpam
   * Application Control
   * Assessment Services
   * Breach Attack Simulation
   * Cloud Threat Detection
   * Cloud Vulnerability
   * Dynamic Application Security Testing
   * Endpoint Detection & Response
   * Endpoint Detection and Response
   * Endpoint Forensics
   * Endpoint Vulnerability
   * FortiDevSec
   * Incident Response
   * Indicators of Compromise
   * Inline-CASB Application Definitions
   * Intrusion Protection
   * IoT Detection
   * NSE Training
   * Operational Technology Security
   * Outbreak Deception
   * Outbreak Detection
   * Pen Testing
   * Recon: ACI
   * Recon: BP
   * Recon: EASM
   * Sandbox Behavior Engine
   * Security Awareness Training
   * Security Rating
   * SOC Automation
   * Web Application Security
   * Web Filtering
 * Threat Intelligence
   * Application Control
   * FortiGuard Encyclopedia
   * Outbreak Threat Map
   * Threat Actor Encyclopedia
   * Threat Analytics
   * Web Filtering
 * Resources
   * FortiGuard Sample Files
   * MITRE ATT&CK Matrix
   * NIST Cybersecurity Framework
   * Publications
   * Security Best Practices
 * Support
   
   
   PSIRT CENTER
   
    * Advisories
    * PSIRT Blog
    * PSIRT Contact
    * Security Vulnerability Policy
   
   
   PRODUCT SUPPORT
   
    * FortiCare Support
    * Fortinet Community

 * About
   
   
   FORTIGUARD LABS
   
    * Contact Us
    * Premium Services
    * RSS Feeds
   
   
   PARTNERS
   
    * Cyber Threat Alliance
    * MITRE Engenuity

 * FORTINET

Normal Exact Match CVE ID PSIRT Antispam Outbreak Alert IP/Domain/URL


INTRUSION PREVENTION


TCP.SPLIT.HANDSHAKE


DESCRIPTION

This indicates the detection of TCP Split Handshake packets.


AFFECTED PRODUCTS

Any Operating System


IMPACT

Protocol Anomaly: Attackers can gain system information to prepare for further
attacks.


RECOMMENDED ACTIONS

This indicates detection of traffic that does not comply with the protocol
standard. Monitor the traffic from that network for any suspicious activity.


TELEMETRY




COVERAGE

IPS (Regular DB) IPS (Extended DB)


REFERENCES

http://www.macrothink.org/journal/index.php/npa/article/view/285

ID 26339 Created Apr 11, 2012 Updated Apr 23, 2014 Risk CVE ID Default Action
pass Active Affected OS All Affected App All

 * Contact Us
 * Legal
 * Privacy
 * Partners
 * Feedback
   

 * 
 * 
 * 
 * 
 * 

Copyright © 2024 Fortinet, Inc. All Rights Reserved.

This site uses cookies. Some are essential to the operation of the site; others
help us improve the user experience. By continuing to use the site, you consent
to the use of these cookies. To learn more about cookies, please read our
privacy policy.

Accept