SonicALERT
Search

Sonicwall Signatures


Go to All Categories list.
Go to All Applications list.

Category: INFRASTRUCTURE

INFRASTRUCTURE Category Description

This SonicWALL IPS signature category consists of a group of signatures that can detect and prevent legitimate inter-process authentication and communication.

  Microsoft Silverlight -- Client Request
  SOAP -- Client Request (Inbound) 1
  distcc -- App Command (Compile Request)
  RPC Portmapper -- UDP Activity
  RPC Portmapper -- TCP Activity
  SOAP -- Client Request (Outbound) 1
  Microsoft RPC End Point Mapper -- Client Request
  CUPS -- Print
  Internet Printing Protocol -- Client Request (Outbound)
  Internet Printing Protocol -- Client Request (Inbound)
  Microsoft Active Directory -- End Point Mapper
  Microsoft Distributed Transaction Coordinator -- End Point Mapper
  Microsoft File Replication -- End Point Mapper 1
  Microsoft File Replication -- End Point Mapper 2
  Microsoft IIS -- End Point Mapper
  Microsoft Message Queue -- End Point Mapper 1
  Microsoft Message Queue -- End Point Mapper 2
  Microsoft Message Queue -- End Point Mapper 3
  Microsoft Message Queue -- End Point Mapper 4
  Microsoft Message Queue -- End Point Mapper 5
  Microsoft Netlogon -- End Point Mapper
  Microsoft Task Scheduler -- End Point Mapper 1
  Microsoft Task Scheduler -- End Point Mapper 2
  Microsoft DNS -- End Point Mapper
  Microsoft WINS -- App Command (End Point Mapper)
  RADIUS -- UDP Activity (Inbound)
  RADIUS -- UDP Activity (Outbound)
  UPnP -- UDP Activity (Service Discovery)
  Microsoft Silverlight -- Server Response 1
  Microsoft Silverlight -- Server Response 2
  VMware -- HTTP Activity (Version Check)
  F5 Networks -- Authentication [Reqs DPI-SSL]
  Syslog -- UDP Activity
  Mac OS X -- App Update
  Big Brother -- TCP Activity
  VMware vSphere -- HTTP Activity (Cookie)
  APCUPSd -- TCP Activity
  NFSv3 -- Client Request (Outbound)
  CoralCDN -- HTTP Activity 1
  CoralCDN -- HTTP Activity 2
  Java RMI -- TCP Activity
  Rstatd -- UDP Activity
  BGP -- TCP Activity
  CMP -- HTTP Activity
  iSCSI -- Login
  LDP -- UDP Activity
  LDP -- TCP Activity
  NFSv3 -- Client Request (Inbound)
  NDMP -- TCP Activity (Client Message)
  NDMP -- TCP Activity (Server Message)
  RIP -- UDP Activity
  rwho -- UDP Activity
  NAT-PMP -- TCP Activity (Map Request)
  NAT-PMP -- UDP Activity (Map Request)
  UPnP -- UDP Activity (Port Mapping Request)
  Microsoft WINS -- App Command (Replication)
  No-IP DUC -- HTTP User-Agent
  DynDNS Updater -- HTTP Activity
  NFSv4 -- Client Request (Inbound)
  NFSv4 -- Client Request (Outbound)
  NFSv4 -- Client Request (UDP Inbound)
  NFSv4 -- Client Request (UDP Outbound)
  NFSv3 -- Client Request (UDP Inbound)
  NFSv3 -- Client Request (UDP Outbound)
  NFSv2 -- Client Request (Inbound)
  NFSv2 -- Client Request (Outbound)
  NFSv2 -- Client Request (UDP Inbound)
  NFSv2 -- Client Request (UDP Outbound)
  DCERPC -- Client Request 2
  DCERPC -- Server Response 2
  DCERPC -- Client Request 1
  DCERPC -- Server Response 1
  AFS -- UDP Activity
  Amazon Web Services -- SSL/TLS Activity 1
  Amazon Web Services -- SSL/TLS Activity 2
  OCSP -- HTTP Activity
  Google Play -- HTTPS Activity
  Google Play -- DNS Query 1
  Google Play -- QUIC Activity
  Google Play -- HTTP Activity [Reqs DPI-SSL]
  VMware -- Authentication 1
  VMware -- Authentication 2
  Microsoft Windows -- HTTP User-Agent (Windows CE)
  Microsoft Windows -- HTTP User-Agent (Windows 95)
  Microsoft Windows -- HTTP User-Agent (Windows 98)
  Microsoft Windows -- HTTP User-Agent (Windows Me)
  Microsoft Windows -- HTTP User-Agent (Windows NT 4.0)
  Microsoft Windows -- HTTP User-Agent (Windows 2000)
  Microsoft Windows -- HTTP User-Agent (Windows XP)
  Microsoft Windows -- HTTP User-Agent (Windows Server 2003)
  Microsoft Windows -- HTTP User-Agent (Windows Vista)
  Microsoft Windows -- HTTP User-Agent (Windows 7)
  Microsoft Windows -- HTTP User-Agent (Windows 8)
  Microsoft Windows -- HTTP User-Agent (Windows 8.1)
  Apple Devices -- HTTP User-Agent (Mac OS X Intel)
  Apple Devices -- HTTP User-Agent (Mac OS X PPC)
  Apple Devices -- HTTP User-Agent (iPhone)
  Apple Devices -- HTTP User-Agent (iPad)
  Microsoft Store -- HTTP Activity 1
  Microsoft Store -- HTTPS Activity 3
  HP JetDirect -- Print
  Microsoft Store -- HTTP Activity
  Amazon CloudFront -- HTTPS Activity
  Akamai CDN -- HTTPS Activity 1
  Akamai CDN -- HTTPS Activity 2
  CloudFlare CDN -- HTTPS Activity
  Fastly CDN -- HTTPS Activity
  Google Play -- DNS Query 2
  Google Play -- HTTP Activity (Referer) [Reqs DPI-SSL]
  Microsoft Windows -- HTTP User-Agent (Windows 10.0)
  Microsoft Store -- DNS Query
  Microsoft Store -- HTTPS Activity 1
  Microsoft Store -- HTTPS Activity 2
  Apple Devices -- HTTP User-Agent (Macintosh)
  Linux (OS) -- HTTP User-Agent (Linux i686)
  Linux (OS) -- HTTP User-Agent (Linux i586)
  Linux (OS) -- HTTP User-Agent (Linux x86_64)
  FreeBSD -- HTTP User-Agent
  Google Cloud -- HTTPS Activity
  DigitalOcean Cloud -- HTTPS Activity
  Microsoft Azure -- HTTPS Activity
  Kamatera Cloud -- HTTPS Activity
  Verizon Cloud -- HTTPS Activity
  VMware Cloud -- HTTPS Activity
  Alibaba Cloud -- HTTPS Activity
  Oracle Cloud -- HTTPS Activity
  Cloudways -- HTTPS Activity
  Massivegrid -- HTTPS Activity
  Liquidweb -- HTTPS Activity
  Limestone Networks -- HTTPS Activity
  QuadraNet -- HTTPS Activity
  CloudSigma -- HTTPS Activity
  Navisite -- HTTPS Activity
  JSON -- Client Request (Inbound)
  JSON -- Client Request (Outbound)
  XML-RPC -- Client Request (Inbound)
  XML-RPC -- Client Request (Outbound)
  SOAP -- Client Request (Inbound) 2
  SOAP -- Client Request (Outbound) 2
  RPC Portmapper -- TCP Activity (Dump Probe)
  RPC Portmapper -- UDP Activity (Dump Probe)
  CoralCDN -- HTTP Activity 3


Relevant Information