Table of Contents
Advertisement
Table A-1 6.x to 7.0 Keyword Mapping (continued)
6.x Keyword
RPC
7.0 XML Attribute
NSC/SC/C/RPCAnalysis/LogRPC
Description
Configures Network Sensor to watch for specific
RPC traffic. The Network Sensor watches for
RPC traffic on port 111 and in the upper Solaris
range of 32771-32800. To watch RPC traffic on
any port, use
"NSC/SC/C/RPCAnalysis/any-port" on
page A-41. It watches both UDP and TCP
protocols. There are four arguments. The first is
the ignore or log value. The second and third
arguments are the source and destination
network declarations. The fourth argument is the
actual RPC number. Zero can be used to match
on any RPC value. Events of this type are named
[RPC]. If they occur on a port above 32771, they
are named [RPC-HIGHPORT].
Technical Notes
•
The maximum number of rules is 16.
•
This feature requires
"NSC/SC/C/RPCAnalysis" on page A-2.
Creating Network Sensor Policies and Signatures A-39
6.x to 7.x Mappings
Advertisement
Table of Contents
Need help?
Do you have a question about the Intrusion Prevention System and is the answer not in the manual?