Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-08 01:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
zeek/scripts/base/protocols/rdp/dpd.sig
jshlbrd dade1936be Update dpd.sig
2015-02-15 23:06:36 -08:00

17 lines
322 B
Standard ML
Raw Blame History

signature dpd_rdp_client_request {
ip-proto == tcp
payload /.*Cookie: mstshash\=.*/
enable "rdp"
}
signature dpd_rdp_client_header {
ip-proto == tcp
payload /.*Duca.*(rdpdr|rdpsnd|drdynvc|cliprdr).*/
enable "rdp"
}
signature dpd_rdp_server_response {
ip-proto == tcp
payload /.*McDn.*/
enable "rdp"
}
Reference in a new issue View git blame Copy permalink