Community
User Guides
Support
Community
Help Forums
English Forum
General
About our Community
General Discussion
News and Feedback
Products
F-Secure SAFE
F-Secure FREEDOME
F-Secure KEY
F-Secure SENSE Router
F-Secure ID PROTECTION
Other products
Beta programs
Feature Requests
Finnish Forum (Tukifoorumi)
Tuotteet Kotiin
F-Secure SAFE
F-Secure FREEDOME
F-Secure KEY
F-Secure SENSE Router
F-Secure ID PROTECTION
Muut tietoturvatuotteet
Support Articles
Language
English
Suomi
Deutsch
Français
日本語
Svenska
Dansk
Italiano
Nederlands
Norsk
Polski
中文 (繁體)
Products & Services
F-Secure TOTAL
F-Secure SAFE / Internet Security / Anti-Virus
F-Secure FREEDOME
F-Secure KEY
F-Secure SENSE Router
F-Secure ID PROTECTION
Other products
Common topics
User Guides
Support
Login
|
Register
Why do I receive the alert that a suspiciously small data fragment has been blocked on Client Security? - F-Secure Community
<main> <article class="userContent"> <h3 data-version="4" data-article="000001900" data-id="issue">Issue:</h3> <p></p><ul><li>The F-Secure Client Security reports that a suspiciously small datagram fragment has been blocked</li><li>How to get rid of the warning if it is a false positive? </li></ul><h3 data-id="resolution">Resolution:</h3> <p></p><div>By default the F-Secure Firewall drops packet fragments which are below 128 bytes. In practice a packet with a size below 128 bytes are normally considered inefficient (ratio data/data+headers).<br><br>If packets with a size below 128 bytes appear on a network, they could be related to a DDoS attack or they might also be a sign of a broken or wrongly configured router or device in the network, for example a printer. <br><br>Try to investigate what is sending that packet. <br><br>To get rid of the alert, you can change what the F-Secure firewall considers as the minimum size for a fragment. </div><br><br>In Policy Manager, this setting has to be changed by using the Advanced view. Follow these steps: <ol><li>Log into <b>Policy Manager Console</b></li><li>Select the host or domain from the <b>Domain tree</b></li><li>Go to the <b>Settings</b> tab and select the <b>Advanced view</b></li><li>Navigate to <b>F-Secure Internet Shield > Settings > Firewall Engine > Minimum fragment size</b></li><li>Set the <b>Minimum Fragment Size to 0</b></li><li><b>Distribute</b> the policy to the hosts</li></ol><p>Article no: 000001900</p> </article> </main>