Snort mailing list archives

BAD TRAFFIC bad frag bits


From: Clayton Mascarenhas <masclaythesnort () yahoo com>
Date: Thu, 27 Mar 2003 15:41:58 -0800 (PST)


Hi list,

 

I got this "Bad traffic bad frag bits" alert. 

 

03/20-01:00:09.476681 [**] [1:1322:4] BAD TRAFFIC bad frag bits [**] [Classification: Misc activity] [Priority: 3] {UDP} 2.3.4.5 -> 1.2.3.4

 

This comes when the Don't Fragment and More Fragment bits are set. When will this situation occur? In the alert shown, what could possibly make the 2.3.4.5 machine send such a packet to 1.2.3.4? And why would an attacker want to craft such a packet when it actually doesn't help the attacker in any way?

 

Thanks in advance.
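
The flag combination described in the post, as an added example that is not part of the original message or Snort's own code: a Python check that decodes the IPv4 flags/fragment-offset field and reports headers with both DF and MF set. The helper names and the sample headers (built from the addresses in the alert) are constructed for illustration.

```python
import socket
import struct

DF, MF = 0x2, 0x1  # Don't Fragment / More Fragments, within the 3-bit flags field

def ipv4_checksum(header: bytes) -> int:
    """One's-complement header checksum (RFC 791); 0 when run over a valid header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src, dst, flags, frag_offset=0, proto=17, payload_len=8):
    """Constructed 20-byte IPv4 header (no options) used as sample input."""
    flags_off = (flags << 13) | frag_offset
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234,
                      flags_off, 64, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def inspect_frag_bits(packet: bytes) -> dict:
    """Decode the fragmentation fields and flag the DF+MF contradiction."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad header length")
    flags_off = struct.unpack("!H", packet[6:8])[0]
    flags, offset = flags_off >> 13, flags_off & 0x1FFF
    findings = []
    if flags & DF and flags & MF:
        # DF forbids fragmentation, MF says more fragments follow
        findings.append("DF and MF both set")
    return {
        "src": socket.inet_ntoa(packet[12:16]),
        "dst": socket.inet_ntoa(packet[16:20]),
        "df": bool(flags & DF),
        "mf": bool(flags & MF),
        "frag_offset_bytes": offset * 8,  # offset field counts 8-byte units
        "checksum_ok": ipv4_checksum(packet[:ihl]) == 0,
        "findings": findings,
    }

if __name__ == "__main__":
    for flags in (DF, MF, DF | MF):
        print(inspect_frag_bits(build_header("2.3.4.5", "1.2.3.4", flags)))
```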


