EmergingThreats> Main Web>2003481 (revision 1)EditAttach

alert tcp any any -> $HOME_NET 1024:65535 (msg:"BLEEDING-EDGE POLICY Radmin Remote Control Session Authentication Initiate"; flow:established,to_server; dsize:<20; content:"|01 00 00 00 05 00 00 02 27 27 02 00 00 00|"; flowbits:set,BE.Radmin.Auth.Challenge; classtype:not-suspicious; reference:url,www.radmin.com; sid:2003481; rev:1;)

Added 2007-03-13 15:12:38 UTC


Edit | Attach | Print version | History: r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions...
Topic revision: r1 - 2007-03-15 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats