SonicWALL Security Center

Sonicwall Signatures

All Categories

Category: MULTIMEDIA

Multimedia Category Description
This SonicWALL IPS signature category consists of a group of signatures that can detect and prevent Multimedia based network traffic and content. Often multimedia applications playback streaming audio or video content over a network. These streaming services can choke network bandwidth and present a variety of security and legal liabilities, because the streaming content may be corrupted or inappropriate for the workplace.
Because streaming media applications need to take in parameters to locate the files that they play, they are vulnerable to buffer overflow attacks. With older versions of many media players, attackers could, for example, provide a link with carefully crafted parameters that could cause the player to malfunction and the computer to execute arbitrary code, allowing the attacker to take control of the machine. Recent versions of media players have been proven to be vulnerable to more sophisticated but similar forms of buffer overflow attack. Because these players only need to be installed on the computer for such attacks to function, they can be a significant liability to network security.
SonicWALL multimedia signatures are classified as low priority and are set to "detect" by default. When they are enabled for prevention, they block connection attempts to remote media or playlists, allowing administrators to keep networks clear of bandwidth hogs, reduce security risks, and decrease the chance that users will access inappropriate content.

	Flash Video -- File Download (HTTP-FLV) 1
	Flash Video -- File Download (HTTP-FLV) 2
	Flash Video -- File Download (HTTP-FLV) 3
	PPStream -- UDP Activity (Channel Info)
	PPStream -- UDP Activity 1
	PPStream -- TCP Activity
	Flash Video -- File Download (HTTP-SWF) 1
	Windows Media -- Audio Transmission (WAX)
	Windows Media -- Video Transmission (WMV)
	Windows Media Player -- HTTP User-Agent (NSPlayer) 1
	PPLive (PPTV) -- HTTP Activity 1
	PPLive (PPTV) -- HTTP Activity 2
	Hulu -- HTTP Activity 1
	Flash Video -- File Download (HTTP-SWF) 2
	TVU Networks -- UDP Activity
	SmugMug -- HTTP Activity
	Spotify -- Login (HTTPS) 3
	Spotify -- HTTPS Activity
	Autobahn -- HTTP Activity
	Vimeo -- HTTP Activity 1
	Vimeo -- HTTP Activity 2
	Apple QuickTime -- HTTP User-Agent
	Windows Media -- Audio Transmission (WMA)
	Windows Media -- Video Transmission (ASF) 1
	SHOUTcast -- HTTP Activity
	Icecast -- HTTP Activity
	PPLive (PPTV) -- HTTP Activity 3
	PodOmatic -- HTTP Activity
	Flixster -- HTTP Activity
	MP3 -- File Download (HTTP) 1
	Flash Video -- File Download (HTTP-SWF) 3
	MPEG -- Video Transmission
	Spotify -- Login (TCP)
	Spotify -- Login (HTTP) 1
	Spotify -- Login (HTTPS) 1
	Kuwo -- UDP Activity 1
	Nico Nico Douga -- SSL/TLS Activity
	QQMusic -- UDP Activity 1
	QQMusic -- App Feature (Music Download)
	Spotify -- Login (HTTP) 2
	Spotify -- Login (HTTPS) 2
	RTSP -- Streaming 1
	RTSP -- Streaming 2
	Brightcove -- HTTPS Activity
	Gracenote -- HTTP Activity
	Microsoft Media Server (MMS) -- Streaming (TCP)
	TVU Networks -- TCP Activity
	QQLive -- TCP Activity 1
	QQLive -- TCP Activity 2
	QQLive -- UDP Activity
	Nullsoft Winamp -- HTTP User-Agent
	MeteorNetTV -- HTTP Activity
	Veetle -- HTTP Activity
	YouTube -- App Feature (Video Play)
	FastTV -- UDP Activity
	UUSee -- HTTP Activity
	Gaia (Gaiam) -- HTTP Activity
	YouPorn -- HTTP Activity 1
	YouPorn -- HTTP Activity 2
	Youku -- HTTP Activity
	Youku -- DNS Query
	Mxplayer -- HTTPS Activity
	Windows Media Player -- HTTP Activity 1
	Windows Media Player -- HTTP Activity 2
	Veoh -- HTTPS Activity
	Sirius XM -- HTTP Activity
	Tudou -- HTTP Activity
	Netflix -- HTTP Activity 1
	Sohu TV -- HTTP Activity
	RuTube -- HTTP Activity
	Hotstar -- HTTPS Activity
	Photobucket -- HTTP Activity
	Pandora Radio -- HTTP Activity 1
	Pandora Radio -- HTTPS Activity 1
	Flash Video -- RTMP Activity 1
	National Public Radio (NPR) -- HTTP Activity
	Flash Video -- RTMP Activity 2
	Live365 -- HTTP Activity 1
	6cn -- HTTP Activity
	ABC (Australian Broadcasting Corporation) -- HTTPS Activity 1
	Dailymotion -- HTTP Activity
	Deezer -- HTTP Activity 1
	Flickr -- HTTP Activity
	Kickassanime -- HTTPS Activity
	Funshion -- HTTP Activity
	Funshion -- Login 1
	Funshion -- Login 2
	GOM Player -- HTTP User-Agent
	Apple iTunes -- HTTP User-Agent (iTunes)
	Icecast -- Streaming 1
	Windows Media Player -- Streaming (RTSP)
	XMMS -- HTTP User-Agent
	Microsoft Media Server (MMS) -- TCP Activity
	Windows Media -- Video Transmission (ASF) 2
	QQMusic -- HTTP Activity 1
	Y2Mate -- HTTPS Activity
	QQMusic -- HTTP Activity 2
	QQMusic -- UDP Activity 2
	QQMusic -- UDP Activity 3
	QQMusic -- UDP Activity 4
	QQMusic -- UDP Activity 5
	Kuwo -- UDP Activity 2
	Kuwo -- HTTP Activity
	Kuwo -- TCP Activity
	Resso -- HTTPS Activity
	Flash Video -- File Download (HTTP-SWF) 4
	OnlyFans -- HTTP Activity
	TubiTV -- HTTPS Activity
	Crunchyroll -- HTTPS Activity
	Vudu -- HTTPS Activity
	Last.fm -- HTTP Activity 1
	SageTV -- TCP Activity
	Last.fm -- HTTP User-Agent
	Baofeng -- HTTP Activity 1
	EarthCam -- HTTP Activity
	Sonyliv -- HTTPS Activity
	GOM TV -- HTTP Activity
	Graboid Video -- HTTP Activity
	Tidal -- HTTPS Activity
	Graboid Video -- HTTPS Activity
	Voot -- HTTPS Activity
	Zee5 -- HTTPS Activity
	Baofeng -- HTTP Activity 2
	Baofeng -- TCP Activity
	Animeflv -- HTTPS Activity
	MvBoxPlayer -- HTTP User-Agent
	MvBoxPlayer -- HTTP Activity
	CCTV -- HTTP Activity 1
	Amazon Audible -- HTTPS Activity 1
	Amazon Audible -- HTTPS Acitivity 2
	BBC iPlayer -- HTTP Activity
	TikTok -- HTTPS Activity 4
	Tencent Video -- HTTPS Activity 1
	Sogou Musicbox -- HTTP Activity
	Juice Receiver -- HTTP User-Agent
	Jio Cinema -- HTTPS Activity 1
	Rave -- HTTPS Activity 1
	JustWatch -- HTTPS Activity 1
	Boxee -- HTTP Activity
	Google Podcasts -- HTTPS Activity 1
	Storytel -- HTTPS Activity
	Google Podcasts -- HTTPS Activity 2
	Google Podcasts -- HTTPS Activity 3
	Audacy -- HTTPS Activity
	Youtube Music -- HTTPS Activity 1
	Apple Music -- HTTPS Activity 1
	Loom -- HTTPS Activity 1
	SHOUTcast -- TCP Activity
	Wynk -- HTTPS Activity
	Boomplay -- HTTPS Activity 1
	Netflix -- DNS Query 1
	Netflix -- DNS Query 2
	Netflix -- HTTP Activity 3
	Netflix -- HTTP Activity 2
	Netflix -- HTTPS Activity 1
	Billboard -- HTTPS Activity 1
	Windows Media Player -- ActiveX Instantiation 2
	Magic MP3 Tagger -- HTTP User-Agent
	YouTube -- App Feature 2 (Video Play) [Reqs DPI-SSL CI]
	YouTube -- App Feature 3 (Video Play) [Reqs DPI-SSL CI]
	Shufflr -- HTTP Activity
	IMBC -- HTTPS Activity
	MBC News -- HTTPS Activity
	Shazam -- HTTPS Activity 1
	NCAA March Madness -- HTTP Activity 1
	YouTube -- App Feature (Share) [Reqs DPI-SSL CI]
	YouTube -- App Feature 4 (Live Video Play) [Reqs DPI-SSL CI]
	Imgur -- HTTPS Activity 1
	Accuradio -- HTTPS Activity 1
	Live365 -- HTTP Activity 2
	Jango -- HTTP Activity
	VLC Media Player -- HTTP User-Agent
	wwiTV -- HTTP Activity
	Windows Media Player -- HTTP User-Agent (Windows-Media-Player)
	SnapStream BeyondTV -- HTTPS Activity
	SnapStream BeyondTV -- UDP Activity (Server Search)
	MyTV Super -- HTTPS Activity 1
	Qobuz -- HTTPS Activity 1
	YouTube -- App Feature (Channel ID) 1 [Reqs DPI-SSL CI]
	Discogs -- HTTPS Activity 1
	Windows Media Player -- ActiveX Instantiation 1
	MP3 -- File Download (HTTP) 2
	Biennesoft YouTube Downloader -- HTTP Activity
	Windows Media Player -- HTTP User-Agent (NSPlayer) 2
	Crackle -- HTTP Activity 1
	Crackle -- HTTP Activity 2
	Icecast -- Streaming 2
	YouTube -- App Feature (Like) [Reqs DPI-SSL CI] 1
	YouTube -- App Feature (Shorts) [Reqs DPI-SSL CI] 1
	YouTube -- App Feature (Shorts) [Reqs DPI-SSL CI] 2
	YouTube -- App Feature (Comment) [Reqs DPI-SSL CI] 1
	YouTube -- App Feature (Download) [Reqs DPI-SSL CI] 1
	YouTube -- App Feature (Subscribe) [Reqs DPI-SSL CI] 1
	YouTube -- App Feature (Save) [Reqs DPI-SSL CI] 1
	YouTube -- HTTP Activity 4
	NCAA March Madness -- HTTP Activity 2
	Last.fm -- HTTP Activity 2
	AppleTV -- HTTP User-Agent
	Apple iPhoto -- HTTP User-Agent
	YouTube -- HTTP Activity (youtube.com)
	Miro -- HTTP Activity
	Pandora Radio -- HTTP Activity 2
	The Hype Machine -- HTTP Activity
	Deezer -- HTTP Activity 2
	Slacker -- HTTP Activity
	8tracks -- HTTP Activity
	Apple iTunes -- HTTP User-Agent (AppStore)
	YouTube -- HTTP User-Agent (Apple) 1
	National Public Radio (NPR) -- HTTPS Activity
	Fandango -- Mobile Client
	Apple iTunes -- SSL/TLS Activity 1
	Xfinity -- HTTPS Activity
	Windows Media -- Video Transmission (ASF) 3
	WGCI.com -- HTTP Activity
	Flash Video -- RTMP Activity (port 1935) 1
	Flash Video -- RTMP Activity (port 80) 1
	Flash Video -- RTMP Activity (port 443) 1
	Flash Video -- RTMP Activity (port 1935) 2
	Flash Video -- RTMP Activity (port 80) 2
	Flash Video -- RTMP Activity (port 443) 2
	NCAA March Madness -- Streaming 1
	Sirius XM -- HTTPS Activity
	Afreeca -- Login
	Afreeca -- HTTP Activity 2
	Afreeca -- HTTP Activity 1
	MPEG -- Audio Transmission
	Flash Video -- File Download (HTTP-SWF) 5
	Mgoon.com -- HTTP Activity
	Pandora.tv -- HTTP Activity
	Nate.com -- HTTP Activity
	ADNStream -- HTTP Activity
	Hulu -- HTTPS Activity 1
	Netflix -- HTTPS Activity 2
	Flixster -- HTTPS Activity
	Apple iTunes -- HTTP Activity
	Apple iTunes -- SSL/TLS Activity 2
	Apple iTunes -- HTTP User-Agent (iTunes Store)
	56.com -- HTTP Activity
	Spotify -- HTTP Activity 1
	Spotify -- HTTP Activity 2
	MP3 -- File Transfer (P2P)
	Flash Video -- File Download (HTTP-FLV) 4
	Flash Video -- File Download (HTTP-FLV) 5
	Baofeng -- DNS Query 1
	Baofeng -- DNS Query 2
	Baofeng -- UDP Activity
	M1905 Dianyingwang -- HTTP Activity
	M1905 Dianyingwang -- DNS Query
	M1905 Dianyingwang -- UDP Activity
	NCAA March Madness -- Streaming 2
	YouTube -- DNS Query (youtube.com)
	Apple Core Media -- HTTP Activity
	YouTube -- HTTP User-Agent (Android) 1
	PacketVideo -- HTTP User-Agent
	Hulu -- DNS Query
	Hulu -- HTTP Activity 2
	TVB -- HTTP Activity
	TVB -- DNS Query
	Shazam -- DNS Query
	Olympic Games -- DNS Query
	Olympic Games -- HTTP Activity 1
	SoundHound -- DNS Query
	SoundHound -- HTTP Activity
	SoundHound -- HTTPS Activity
	Olympic Games -- HTTP Activity 2
	Olympic Games -- HTTP Activity 3
	Olympic Games -- HTTP Activity 4
	CNTV -- HTTP Activity
	CNTV -- DNS Query
	War Commander -- HTTP Activity
	MP3 -- File Download (HTTP) 3
	TuneIn Radio -- HTTPS Activity 1
	TuneIn Radio -- HTTPS Activity 2
	TuneIn Radio -- HTTPS Activity 3
	TuneIn Radio -- DNS Query 1
	TuneIn Radio -- HTTP User-Agent
	TuneIn Radio -- HTTP Activity 1
	TuneIn Radio -- HTTP Activity 2
	TuneIn Radio -- DNS Query 2
	Tango -- DNS Query
	Tango -- HTTPS Activity 1
	Tango -- HTTP Activity
	Tango -- TCP Activity
	Tango -- HTTP User-Agent
	Tango -- HTTPS Activity 2
	MP3 -- File Upload (HTTP)
	MP3 -- File Download (HTTP) 4
	CCTV -- HTTP Activity 2
	YouTube -- HTTP User-Agent (Android) 2
	YouTube -- HTTP User-Agent (Apple) 2
	YouTube -- HTTP Activity (ytimg.com)
	YouTube -- HTTP Activity (Referer)
	YouTube -- DNS Query (ytimg.com)
	PPStream -- DNS Query
	PPStream -- HTTP Activity 1
	PPStream -- UDP Activity 2
	PPStream -- UDP Activity 3
	PPStream -- HTTP Activity 2
	Pandora Radio -- HTTPS Activity 2
	Pandora Radio -- HTTP Activity 3
	Pandora Radio -- DNS Query
	iHeartRadio -- HTTP Activity 2
	iHeartRadio -- Audio Transmission 1
	iHeartRadio -- HTTP Activity 1
	iHeartRadio -- HTTPS Activity 1
	iHeartRadio -- HTTPS Activity 2
	iHeartRadio -- Audio Transmission 2
	iHeartRadio -- Audio Transmission 3
	Amazon Prime Video -- HTTPS Activity 1
	Hulu -- HTTPS Activity 2
	Apple iTunes Radio -- HTTP Activity
	Apple iTunes Radio -- HTTPS Activity
	Apple iTunes Radio -- DNS Query
	iQiyi -- DNS Query 1
	iQiyi -- DNS Query 2
	iQiyi -- HTTP Activity 1
	iQiyi -- HTTP Activity 2
	LeTV.com -- DNS Query 1
	LeTV.com -- DNS Query 2
	LeTV.com -- HTTP Activity 1
	LeTV.com -- HTTP Activity 2
	PPLive (PPTV) -- UDP Activity
	AppSpot -- DNS Query
	AppSpot -- HTTPS Activity
	Flash Video -- File Download (HTTP-SWF) 6
	Flash Video -- File Download (HTTP-SWF) 7
	YouTube -- HTTPS Activity 1
	Octoshape -- Streaming (HTTP) 1
	Octoshape -- Streaming (HTTP) 2
	Octoshape -- Streaming (UDP)
	YouTube -- App Feature (Video Upload) 1
	Spotify -- Login (HTTPS) 4
	Spotify -- DNS Query
	YouTube -- DNS Query (youtube.ui)
	ITV Video Playback -- HTTPS Activity
	ITV Video Playback -- DNS Query
	HBO Max -- HTTPS Activity 1
	HBO Max -- HTTPS Activity 2
	HBO Max -- HTTP Activity 1
	HBO Max -- HTTP Activity 2
	iHeartRadio -- HTTP Activity 4
	Flash Video -- File Download (HTTP-SWF) 8
	Twitch -- HTTPS Activity 1
	YouTube -- DNS Query (googlevideo.com)
	YouTube -- HTTPS Activity 2
	YouTube -- UDP Activity
	Google News -- HTTP Activity [Reqs DPI-SSL]
	iHeartRadio -- HTTP Activity 3
	iHeartRadio -- DNS Query 1
	iHeartRadio -- DNS Query 2
	Foxtel -- HTTP Activity
	Foxtel -- DNS Query
	SoundCloud -- HTTPS Activity
	SoundCloud -- HTTP Activity
	Gracenote -- HTTP Activity (Music Lookup)
	Plex TV -- Streaming (HTTPS)
	Amazon Prime Video -- HTTPS Activity 2
	Amazon Prime Video -- DNS Query
	Amazon Prime Video -- HTTP Activity [Reqs DPI-SSL CI]
	Amazon Prime Video -- API Activity
	BBC -- HTTP User-Agent
	Dailymotion -- HTTPS Activity 1
	Dailymotion -- HTTPS Activity 2
	Dailymotion -- HTTPS Activity 3
	YouTube -- App Feature (Video Upload) 2
	Netflix -- HTTPS Activity 3
	Netflix -- HTTPS Activity 4
	Netflix -- HTTPS Activity 5
	Vimeo -- HTTPS Activity 1
	Vimeo -- HTTPS Activity 2
	BBC iPlayer -- HTTP User-Agent
	BBC iPlayer -- HTTPS Activity
	BBC -- HTTPS Activity (bbc.co.uk)
	BBC -- HTTPS Activity (bbc.com)
	BBC iPlayer -- DNS Query
	Amazon Prime Music -- HTTPS Activity
	Amazon Prime Music -- DNS Query
	Twitch -- HTTPS Activity 2
	Twitch -- HTTPS Activity 3
	Twitch -- HTTPS Activity 4
	Twitch -- HTTPS Activity 5
	Twitch -- HTTPS Activity 6
	Twitch -- DNS Query
	TikTok -- DNS Query 1
	TikTok -- HTTPS Activity 1
	Flash Video -- email Attachment 1
	Flash Video -- email Attachment 2
	Flash Video -- email Attachment 3
	Flash Video -- email Attachment 4
	Okezone.com -- HTTPS Activity
	Pluto TV -- DNS Query
	Pluto TV -- HTTPS Activity 1
	Pluto TV -- HTTPS Activity 2
	Amazon Fire TV -- HTTP Activity 2

Relevant Information