This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About mfs
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About mfs
08-31-2020
3Posts
0Likes
0Solutions
Aug 31, 2020Last Visited
User
Activity
User
Profile
Latest posts by mfs
| Subject | Views | Posted |
|---|---|---|
| 2154 | 11-03-2014 05:30 AM | |
| 2187 | 10-31-2014 02:20 PM |
User Badges
Community Statistics
| Member Since | 09-04-2012 07:04 AM |
| Date Last Visited | 08-31-2020 06:38 PM |
| Posts | 3 |
11-03-2014
05:30 AM
H, The issue is that the custom signature(s) do not fire when I send specific MSRPC bind requests through the firewall. I only see msrpc identified by the firewall, but clearly see the specific BIND request in a PCAP on the server. In the case of the signature in the OP, I am looking for the DFS BIND request. Thanks!
... View more
10-31-2014
02:20 PM
I am trying to create a number of custom MSRPC based App's using the msrpc-req-bind-data contact. I have set msrpc as the parent app, dynamic TCP and UDP for the ports, and the signatures are set to the session scope. I pulled the hex for the BIND request interfaces directly from Wireshark running on the AD server. See below screenshot for the signature (this is the interface for DFS):
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
08-31-2020
06:38 PM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks