Versions (2)
Version DetailsCurrent
Rev: 3 • May 29, 2023, 12:00 PM🐾 - 🚨 MDNS for UDP service 🤕 in use - Multicast query observed
alert udp any 5353 -> 224.0.0.251 5353 (msg:"🐾 - 🚨 MDNS for UDP service 🤕 in use - Multicast query observed"; flow:to_server, stateless; threshold:type limit, track by_src,count 1, seconds 43200; content:"|00 00 00 00 00 01 00 00 00 00 00 00|"; fast_pattern; content:"|5f 75 64 70|"; content:"|00 0c 00 01|"; reference:url,https://github.com/eldraco/Sapito/blob/master/mDNS-services.txt; metadata:created_at 2023_05_29, updated_at 2025_01_05; sid:3300154; rev:3; classtype:policy-violation;)
May 29, 2023, 12:00 PM
Jan 5, 2025, 12:00 PM
Feb 21, 2024, 4:00 PM
May 29, 2025, 11:12 PM
rules/PAW-PATRULES_VULN.rules