Versions (3)
Version DetailsCurrent
Rev: 10 • Jul 30, 2010, 12:00 PMET INFO RDP - Response To External Host
alert tcp $HOME_NET 3389 -> $EXTERNAL_NET any (msg:"ET INFO RDP - Response To External Host"; flow:established,to_client; content:"|03|"; offset:0; depth:1; content:"|D0|"; offset:5; depth:1; classtype:misc-activity; sid:2001330; rev:10; metadata:attack_target Client_and_Server, created_at 2010_07_30, deployment Perimeter, performance_impact Significant, confidence Medium, signature_severity Informational, updated_at 2023_04_25, reviewed_at 2024_05_02; target:src_ip;)
Jul 30, 2010, 12:00 PM
Apr 25, 2023, 12:00 PM
Jul 30, 2010, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-info.rules