Table of Contents
Advertisement
Network and Security Manager Administration Guide
SMB:NETBIOS:INV-CDNAME-ENC
SMB:NETBIOS:INV-CDNAME-LEN
SMB:NETBIOS:INV-CGNAME-ENC
SMB:NETBIOS:INV-CGNAME-LEN
SMB:NETBIOS:INV-SHDR-LEN
SMB:NETBIOS:INV-SNAME-LEN
SMB:NETBIOS:RMT-REG-ACCESS
SMB:NETBIOS:SHARE-LVL-SEC
SMB:TOOLS:PSEXEC
SMTP:AUDIT:REQ-INVALID-CMD-SEQ
SMTP:AUDIT:TEXT-LINE
916
This protocol anomaly is an invalid calling name encoding
in the NETBIOS header that encapsulates an SMB. NETBIOS
names are 16 bytes and may encode to a maximum of 34
bytes.
This protocol anomaly is an invalid called name length in
the NETBIOS header that encapsulates an SMB. NETBIOS
names are 16 bytes and may encode to a maximum of 34
bytes.
This protocol anomaly is an invalid calling name encoding
in the NETBIOS header that encapsulates an SMB. NETBIOS
names are 16 bytes and may encode to a maximum of 34
bytes.
This protocol anomaly is an invalid calling name length in
the NETBIOS header that encapsulates an SMB. NETBIOS
names are 16 bytes and may encode to a maximum of 34
bytes.
This protocol anomaly is an invalid session header length in
the NETBIOS header that encapsulates an SMB. The
minimum length of an SMB message is 33 bytes.
This protocol anomaly is an invalid session name length in
the NETBIOS header that encapsulates an SMB. NETBIOS
names are 16 bytes and may encode to a maximum of 34
bytes.
This signature detects attempts to remotely access the
Windows registry. Attackers may use a malicious client to
view or modify the contents of the Windows registry.
This protocol anomaly is an SMB session with share-level
security. A user may gain access to various resources on the
server without username or password authentication.
This signature detects attempts to upload psexec.exe, an
SMB tool for uploading and executing programs interactively.
This signature also indicates that the psexec.exe has already
logged into the system; Psexec.exe can upload itself to the
host only after successful login. Worms often use psexec.exe
to propagate.
This protocol anomaly is an invalid sequence of SMTP
commands, which would normally not be issued by an SMTP
client or server. This may indicate an attacker manually trying
to exploit an SMTP server
This protocol anomaly is a text line (in the data section) in
an SMTP connection that is too long. This may indicate a
buffer overflow attempt.
high
sos5.1.0
high
sos5.1.0
high
sos5.1.0
high
sos5.1.0
high
sos5.1.0
high
sos5.1.0
medium
sos5.1.0
medium
sos5.1.0
high
sos5.1.0
info
sos5.1.0
info
sos5.1.0
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.2
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper 200 Series