Idp Signature Groups - D-Link NetDefend DFL-210 User Manual

Appendix B. IDP Signature Groups
For IDP scanning, the following signature groups are available for selection. These groups are
available only for the D-Link Advanced IDP Service. There is a version of each group under the
three Types of IDS, IPS and Policy. For further information see Section 6.5, "Intrusion Detection
and Prevention".
Group Name
APP_AMANDA
APP_ETHEREAL
APP_ITUNES
APP_REALPLAYER
APP_REALSERVER
APP_WINAMP
APP_WMP
AUTHENTICATION_GENERAL
AUTHENTICATION_KERBEROS
AUTHENTICATION_XTACACS
BACKUP_ARKEIA
BACKUP_BRIGHTSTOR
BACKUP_GENERAL
BACKUP_NETVAULT
BACKUP_VERITAS
BOT_GENERAL
BROWSER_FIREFOX
BROWSER_GENERAL
BROWSER_IE
BROWSER_MOZILLA
COMPONENT_ENCODER
COMPONENT_INFECTION
COMPONENT_SHELLCODE
DB_GENERAL
DB_MSSQL
DB_MYSQL
DB_ORACLE
DB_SYBASE
DCOM_GENERAL
DHCP_CLIENT
DHCP_GENERAL
DHCP_SERVER
DNS_EXPLOIT
DNS_GENERAL
DNS_OVERFLOW
DNS_QUERY
ECHO_GENERAL
ECHO_OVERFLOW
FINGER_BACKDOOR
FINGER_GENERAL
FINGER_OVERFLOW
FS_AFS
FTP_DIRNAME
Intrusion Type
Amanda, a popular backup software
Ethereal
Apple iTunes player
Media player from RealNetworks
RealNetworks RealServer player
WinAMP
MS Windows Media Player
Authenticantion
Kerberos
XTACACS
Network backup solution
Backup solutions from CA
General backup solutions
NetVault Backup solution
Backup solutions
Activities related to bots, including those controlled by IRC channels
Mozilla Firefox
General attacks targeting web browsers/clients
Microsoft IE
Mozilla Browser
Encoders, as part of an attack.
Infection, as part of an attack
Shell code, as part of the attacks
Database systems
MS SQL Server
MySQL DBMS
Oracle DBMS
Sybase server
MS DCOM
DHCP Client related activities
DHCP protocol
DHCP Server related activities
DNS attacks
Domain Name Systems
DNS overflow attack
Query related attacks
Echo protocol and implementations
Echo buffer overflow
Finger backdoor
Finger protocol and implementation
Overflow for Finger protocol/implementation
Andrew File System
Directory name attack
478