2950.txt

来自「This is the snapshot of Snot Latest Rule」· 文本代码 · 共 60 行

TXT

60 行

Rule:--Sid:2950--Summary:This event is generated when multiple stacked SMB requests are made.--Impact:Possible IDS evasion.--Detailed Information:This event is generated when multiple stacked SMB requests are detected.This behavior does not occur on a regular basis in normal networktraffic. This event may indicate an attempt to evade an IDS.--Affected Systems:	All systems using SMB.--Attack Scenarios:An attacker might create multiple stacked SMB requests in an attempt tobypass an IDS.--Ease of Attack:Simple.--False Positives:None known.--False Negatives:If the second and third stacked requests are of a combined length thatis less than 37 bytes this rule will not generate an event.--Corrective Action:Apply the appropriate vendor supplied patchesDisallow the use of SMB.--Contributors:Sourcefire Vulnerability Research TeamBrian Caswell <bmc@sourcefire.com>Nigel Houghton <nigel.houghton@sourcefire.com>--Additional References:--

2950.txt - 源码说明

本页面展示了「This is the snapshot of Snot Latest Rules」中的 2950.txt 源码文件，采用文本编程语言编写，共 60 行代码。您可以在线阅读完整代码内容，也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与snapshot相关的技术资源，包括源代码、技术文档、电路图等，是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C

搜索代码Ctrl + F

全屏模式F11

增大字号Ctrl + =

减小字号Ctrl + -

显示快捷键?