📄 2478.txt

📁 snort入侵检测规则文件2.4 Snort是众所周知的网络入侵检测工具

💻 TXT

字号:

Rule:--Sid:2478--Summary:This event is generated when an attempt is made to bind to the winregservice.--Impact:Unknown.--Detailed Information:This event is generated when an attempt is made to bind to the RPCservice for winreg.--Affected Systems:	Windows systems--Attack Scenarios:An attacker may attempt to bind to the service to manipulate hostsettings.--Ease of Attack:Simple.--False Positives:None known.--False Negatives:None known.--Corrective Action:Block access to RPC ports 135, 139 and 445 for both TCP and UDP protocols from external sources using a packet filtering firewall.--Contributors:Sourcefire Research TeamBrian Caswell <bmc@sourcefire.com>Nigel Houghton <nigel.houghton@sourcefire.com>--Additional References:Microsoft Technethttp://support.microsoft.com/support/kb/articles/q153/1/83.aspCVEhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0562Winreghttp://www.rutherfurd.net/python/winreg/--

💿 文件大小 771 K

👤 上传用户 lihuitao1987

📂 所属分类 Internet/网络编程

🏷️ 相关标签

#snort #Snort #2.4 #入侵检测

⌨️ 快捷键说明

复制代码 Ctrl + C

搜索代码 Ctrl + F

全屏模式 F11

切换主题 Ctrl + Shift + D

显示快捷键 ?

增大字号 Ctrl + =

减小字号 Ctrl + -