Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Live
- ›
- About mfs
About mfs
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Wednesday
2Posts
0Likes
0Solutions
Jun 03, 2020Last Visited
User
Activity
User
Profile
Latest posts by mfs
| Subject | Views | Posted |
|---|---|---|
| 487 | 11-03-2014 05:30 AM | |
| 520 | 10-31-2014 02:20 PM |
User Badges
Public Statistics
| Date Registered | 09-04-2012 07:04 AM |
| Date Last Visited | Wednesday |
| Total Messages Posted | 3 |
11-03-2014
05:30 AM
H, The issue is that the custom signature(s) do not fire when I send specific MSRPC bind requests through the firewall. I only see msrpc identified by the firewall, but clearly see the specific BIND request in a PCAP on the server. In the case of the signature in the OP, I am looking for the DFS BIND request. Thanks!
... View more
10-31-2014
02:20 PM
I am trying to create a number of custom MSRPC based App's using the msrpc-req-bind-data contact. I have set msrpc as the parent app, dynamic TCP and UDP for the ports, and the signatures are set to the session scope. I pulled the hex for the BIND request interfaces directly from Wireshark running on the AD server. See below screenshot for the signature (this is the interface for DFS):
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
Wednesday
|
Latest Tags
No tags yet
Latest Blogs
Latest Posts
Copyright 2007 - 2020 - Palo Alto Networks
