Table of Contents
Advertisement
6.x to 7.x Mappings
Table A-1 6.x to 7.0 Keyword Mapping (continued)
6.x Keyword
SESSION_WINDOW
A-44 Keywords/XML Attributes
7.0 XML Attribute
NSC/SC/C/TransportLayer/StreamRebuilding/session-
window-size
Description
Allows the user to configure the number of bytes
that the Network Sensor will reconstruct in an
application session. This is a very important
aspect when fragmentation/session reassembly
is considered. By setting the number higher, the
user can track a highly fragmented attack
through completion.
Technical Notes
•
session-window-size can be fully utilized when
Network Sensor is running on a system with at least
512M of RAM. If Network Sensor only has 128M,
the user must be careful as to how large they can
set session-window-size. If you are not sure, default
to 100.
•
The argument to session-window-size must be 210
or less.
Advertisement
Table of Contents
Need help?
Do you have a question about the Intrusion Prevention System and is the answer not in the manual?