#alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg:"ET POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; depth:1; content:"|e0|"; distance:4; within:1; content:"Cookie|3a|"; distance:5; within:7; reference:url,doc.emergingthreats.net/2007571; classtype:policy-violation; sid:2007571; rev:6;)

Added 2011-10-12 19:23:21 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg:"ET POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; depth:1; content:"|e0|"; distance:4; within:1; content:"Cookie|3a|"; distance:5; within:7; classtype: policy-violation; reference:url,doc.emergingthreats.net/2007571; sid:2007571; rev:6;)

Added 2011-09-14 22:36:54 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg:"ET POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; depth:1; content:"|e0|"; distance:4; within:1; content:"Cookie|3a|"; distance:5; within:7; classtype: policy-violation; reference:url,doc.emergingthreats.net/2007571; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_RDP_Connections; sid:2007571; rev:6;)

Added 2011-04-22 14:56:31 UTC


#alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg:"ET POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie|3a|"; offset: 11; depth: 7; classtype: policy-violation; reference:url,doc.emergingthreats.net/2007571; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_RDP_Connections; sid:2007571; rev:5;)

Added 2011-02-04 17:26:41 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg:"ET POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; reference:url,doc.emergingthreats.net/2007571; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_RDP_Connections; sid:2007571; rev:4;)

Added 2009-02-11 19:15:23 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg:"ET POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; reference:url,doc.emergingthreats.net/2007571; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/POLICY/POLICY_RDP_Connections; sid:2007571; rev:4;)

Added 2009-02-11 19:15:23 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg:"ET POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:3;)

Added 2008-01-31 18:48:10 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg:"ET POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:3;)

Added 2008-01-31 18:48:10 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-29 09:46:53 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-29 05:16:38 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-29 04:03:20 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-29 03:48:04 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-27 12:54:20 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-27 10:32:15 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-27 05:34:31 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-27 05:08:22 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-27 04:38:37 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-27 03:48:00 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-27 02:38:58 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-26 23:05:22 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-25 14:27:05 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-25 01:34:11 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-25 00:51:54 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-24 23:47:03 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-24 16:03:49 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-24 14:39:34 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-24 03:16:18 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-24 02:56:46 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie\:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:2;)

Added 2007-08-23 08:46:19 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:1; )

Added 2007-08-22 23:04:41 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 3389 (msg: "BLEEDING-EDGE POLICY Remote Desktop Connection via non RDP Port"; flow:established,to_server; content:"|03|"; offset: 0; depth: 1; content:"|E0|"; offset: 5; depth: 1; content:"Cookie:"; offset: 11; depth: 7; classtype: policy-violation; sid:2007571; rev:1; )

Added 2007-08-22 22:47:08 UTC


Topic revision: r1 - 2011-10-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats