2473.txt

来自「This is the snapshot of Snot Latest Rule」· 文本代码 · 共 57 行

TXT

57 行

Rule:--Sid:2473--Summary:This event is generated when an attempt is made to access the ADMIN$ administrative share of a Windows host.--Impact:Serious. Possible administrator access to the host. Information disclosure.--Detailed Information:By default, Windows hosts have default administrative shares of the local hard drives using the format %DRIVE_LETTER% + $. Anybody with administrative rights can remotely access the share.--Affected Systems:Windows hosts.--Attack Scenarios:An attacker may be attempting to access files located on the C drive of the host.--Ease of Attack:Simple.--False Positives:None Known--False Negatives:None Known--Corrective Action:Disallow Netbios access from external networks (tcp port 139).--Contributors:Original Rule Writer UnknownSourcefire Vulnerability Research TeamNigel Houghton <nigel.houghton@sourcefire.com>Snort documentation contributed by Josh Sakofsky-- Additional References:Microsoft:http://support.microsoft.com/default.aspx?scid=kb;en-us;100517--

2473.txt - 源码说明

本页面展示了「This is the snapshot of Snot Latest Rules」中的 2473.txt 源码文件，采用文本编程语言编写，共 57 行代码。您可以在线阅读完整代码内容，也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与snapshot相关的技术资源，包括源代码、技术文档、电路图等，是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C

搜索代码Ctrl + F

全屏模式F11

增大字号Ctrl + =

减小字号Ctrl + -

显示快捷键?