Hello,
Are there documents/articles specifing Netwitness packet capture behavior and parsing regarding traffic with wrong checksums?
Are those packets dropped?
This question arised due to tests using the Snort parser to detect specific packets manipulated to perform attacks, for now, the traffic being observed shows only the response and no resquest ( the attack itself).
Grateful for any help provided!
