rservices.rules

来自「入侵检测系统.linux下与MySql连用的例子」· RULES 代码 · 共 18 行

RULES

18 行

# $Id: rservices.rules,v 1.5 2001/06/11 15:29:30 cazz Exp $#----------------# RSERVICES RULES#----------------alert tcp $EXTERNAL_NET any -> $HOME_NET 513 (msg:"RSERVICES rsh LinuxNIS";flags: A+; content:"|3a3a 3a3a 3a3a 3a3a 003a 3a3a 3a3a 3a3a 3a|"; classtype:bad-unknown; sid:601; rev:1;)alert tcp $EXTERNAL_NET any -> $HOME_NET 513 (msg:"RSERVICES rsh bin";flags: A+; content:"bin|00|bin|00|"; reference:arachnids,384; classtype:attempted-user; sid:602; rev:1;)alert tcp $EXTERNAL_NET any -> $HOME_NET 513 (msg:"RSERVICES rsh echo++";flags: A+; content:"echo |22| + + |22|"; reference:arachnids,385; classtype:bad-unknown; sid:603; rev:1;)alert tcp $EXTERNAL_NET any -> $HOME_NET 513 (msg:"RSERVICES rsh froot";flags: A+; content:"-froot|00|"; reference:arachnids,386; classtype:attempted-admin; sid:604; rev:1;)alert tcp $EXTERNAL_NET any -> $HOME_NET 513 (msg:"RSERVICES rsh login failure";flags: A+; content:"login incorrect"; reference:arachnids,393; classtype:unsuccessful-user; sid:605; rev:1;)alert tcp $EXTERNAL_NET any -> $HOME_NET 513 (msg:"RSERVICES rsh root";flags: A+; content:"root|00|root|00|"; reference:arachnids,389; classtype:attempted-admin; sid:606; rev:1;)alert tcp $EXTERNAL_NET any -> $HOME_NET 514 (msg:"RSERVICES rlogin bin"; flags: A+; content: "bin|00|bin|00|"; reference:arachnids,390; classtype:attempted-user; sid:607; rev:1;)alert tcp $EXTERNAL_NET any -> $HOME_NET 514 (msg:"RSERVICES rlogin echo++"; flags: A+; content: "echo |22|+ +|22|"; reference:arachnids,388; classtype:attempted-user; sid:608; rev:1;)alert tcp $EXTERNAL_NET any -> $HOME_NET 514 (msg:"RSERVICES rlogin froot";flags: A+; content:"-froot|00|"; reference:arachnids,387; classtype:attempted-admin; sid:609; rev:1;)alert tcp $EXTERNAL_NET any -> $HOME_NET 514 (msg:"RSERVICES rlogin root"; flags: A+; content: "root|00|root|00|";reference:arachnids,391; classtype:attempted-admin; sid:610; rev:1;)alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"RSERVICES rsh login failure";flags: A+; content: "|01|rlogind|3a| Permission denied.";reference:arachnids,392; classtype:unsuccessful-user; sid:611; rev:1;)alert udp $EXTERNAL_NET any -> $HOME_NET 32770: (msg:"RPC rusers query"; content:"|0000000000000002000186A2|";offset:5; reference:cve,CVE-1999-0626; reference:arachnids,136; classtype:attempted-recon; sid:612; rev:1;)

rservices.rules - 源码说明

本页面展示了「入侵检测系统.linux下与MySql连用的例子」中的 rservices.rules 源码文件，采用 RULES 编程语言编写，共 18 行代码。您可以在线阅读完整代码内容，也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与linux相关的技术资源，包括源代码、技术文档、电路图等，是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C

搜索代码Ctrl + F

全屏模式F11

增大字号Ctrl + =

减小字号Ctrl + -

显示快捷键?