mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
19 lines
356 B
Standard ML
19 lines
356 B
Standard ML
# Generated by binpac_quickstart
|
|
|
|
signature dpd_rdp_client_request {
|
|
ip-proto == tcp
|
|
payload /.*Cookie: mstshash\=.*/
|
|
enable "rdp"
|
|
}
|
|
|
|
signature dpd_rdp_client_header {
|
|
ip-proto == tcp
|
|
payload /.*Duca.*(rdpdr|rdpsnd|drdynvc|cliprdr).*/
|
|
enable "rdp"
|
|
}
|
|
|
|
signature dpd_rdp_server_response {
|
|
ip-proto == tcp
|
|
payload /.*McDn.*/
|
|
enable "rdp"
|
|
}
|