Why do I receive the alert that a suspiciously small data fragment has been blocked on Client Security?
The F-Secure Client Security reports that a suspiciously small datagram fragment has been blocked
How to get rid of the warning if it is a false positive?
This type of alerts might be related to a DDoS attack. If they appear on a network, they might also be a sign of a broken or wrongly configured router or device in the network, for example a printer.
Proceed to investigate the issue on a network level before applying the modification below. In practice packet with a size below 128 bytes are normally considered inefficient (ratio data/data+headers).
To get rid of the alert, you can change what the F-Secure firewall considers as the minimum size for a fragment.
In Policy Manager, this setting has to be changed by using the Advanced view. Follow these steps:
Log into Policy Manager Console.
Select the host or domain from the Domain tree.
Go to the Settings tab and select the Advanced view.
Navigate to F-Secure Internet Shield > Settings > Firewall Engine > Minimum fragment size.