Rule History

alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT VNC Server Not Requiring Authentication (case 2)"; flowbits:isset,BSis.vnc.setup; dsize:4; flow:established; content:"|00 00 00 01|"; depth:4; flowbits:set,BSvnc.auth.offered; reference:url,www.realvnc.com/docs/rfbproto.pdf; reference:cve,2006-2369; classtype:misc-activity; sid:2002923; rev:6; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)