SonicALERT

Sonicwall Signatures

 



Category: REMOTE-ACCESS

REMOTE-ACCESS Category Description

This SonicWALL IPS signature category consists of a group of signatures that can detect and prevent legitimate traffic generated by remote-access applications such as Remote Desktop.

  AweSun Remote Desktop -- HTTPS Activity
  TeamViewer -- HTTP User-Agent
  LogMeIn Hamachi -- HTTPS Activity
  LogMeIn Hamachi -- HTTP Activity 1
  TeamViewer -- Proprietary Protocol (over TCP) 1
  TeamViewer -- HTTP Activity 3
  VNC (Remote Frame Buffer) -- Client Request
  TeamViewer -- HTTP Activity 4
  FastViewer -- HTTP Activity 1
  RAdmin -- Client Request
  Yoics -- HTTPS Activity
  PCAnywhere -- Login (Administrator)
  Windows Remote Desktop Services -- Client Request (Outbound) 1
  Windows Remote Desktop Services -- Client Request (Inbound) 1
  X11 -- Client Request (Outbound)
  X11 -- Client Request (Inbound)
  X Font Server -- Client Request (Outbound)
  X Font Server -- Client Request (Inbound)
  Rlogin -- Client Request (Inbound)
  Rlogin -- Client Request (Outbound)
  RSH -- Client Request (Inbound)
  RSH -- Client Request (Outbound)
  PCAnywhere -- Server Response (UDP)
  ShowMyPC -- HTTP Activity 1
  ShowMyPC -- HTTP Activity 2
  ShowMyPC -- HTTPS Activity 1
  Awareness Technologies -- HTTPS Activity
  Sonar Central -- HTTPS Activity
  Citrix -- HTTP Activity
  RemotelyAnywhere -- HTTPS Activity
  RemotelyAnywhere -- Server Response (Outbound) 1
  RemotelyAnywhere -- Server Response (Outbound) 2
  RemotelyAnywhere -- Server Response (Inbound) 1
  RemotelyAnywhere -- Server Response (Inbound) 2
  LogMeIn -- HTTPS Activity 1
  Remote Utilities -- DNS Query
  Remote Utilities -- HTTPS Activity
  GoToMyPC -- Server Response (Inbound) 1 [Reqs all Citrix sigs]
  FastViewer -- HTTP Activity 3
  Atera -- HTTPS Activity
  AirDroid -- HTTPS Activity
  Alpemix VNC -- HTTP Activity 3
  AeroAdmin VNC -- TCP Activity
  AnyDesk Remote Desktop -- TCP Activity 1
  AnyDesk Remote Desktop -- TCP Activity 2
  Apache Guacamole RDP Gateway -- HTTPS Activity
  BeyondTrust Remote Support Software -- HTTPS Activity
  Chrome Remote Desktop -- QUIC Activity
  SolarWinds Dameware -- HTTPS Activity (Remote Everywhere)
  SolarWinds Dameware -- HTTP Activity (Mini Remote Control)
  Syncromsp -- HTTPS Activity
  DeskShare -- HTTP Activity
  Ezhelp Remote Support -- HTTP Activity
  FastViewer -- HTTP Activity 2
  GoToAssist -- SSL/TLS Activity 1
  GoToAssist -- SSL/TLS Activity 2
  Goverlan -- HTTP Activity
  LiteManager Viewer -- TCP Activity
  LogMeIn Rescue -- HTTPS Activity
  NoMachine -- TCP Activity (NX)
  Parallels Access -- HTTPS Activity
  RAdmin -- Server Response
  RemoteView -- Login 1
  Remotix Remote Desktop -- SSL/TLS Activity
  Remotix Remote Desktop -- TCP Activity
  ConnectWise Control -- HTTPS Activity 1
  ShowMyPC -- HTTP Activity 3
  ShowMyPC -- HTTPS Activity 2
  Sunlogin -- HTTPS Activity
  SupRemo Remote Desktop -- SSL/TLS Activity 1
  Ultraviewer Remote Desktop -- HTTPS Activity
  Sametime Unyte -- HTTPS Activity
  Laplink Everywhere -- SSL/TLS Activity
  Bomgar -- HTTPS Activity 1
  Authentic8 Silo -- HTTPS Activity 1
  Authentic8 Silo -- HTTPS Activity 2
  NTRconnect -- HTTP Activity
  SpyAgent -- TCP Activity (SMTP Log Delivery)
  eBLVD -- SSL/TLS Activity
  MightyViewer -- HTTPS Activity
  Remote Ripple -- HTTPS Activity
  TightVNC -- HTTPS Activity
  Windows Remote Desktop Services -- Client Request (Outbound) 2
  Windows Remote Desktop Services -- Client Request (Inbound) 2
  DWService -- HTTPS Activity 1
  Synergy -- TCP Activity
  Motorola Timbuktu Pro -- UDP Activity
  Chrome Remote Desktop -- HTTPS Activity 1
  ISL Light -- HTTP Activity
  SolarWinds Dameware -- TCP Activity (Mini Remote Control)
  NetViewer -- HTTP Activity
  NetViewer -- TCP Activity 1
  NetViewer -- TCP Activity 2
  Getscreen -- HTTPS Activity 1
  Bomgar -- HTTPS Activity 2
  Bomgar -- DNS Query
  Todesk -- DNS Query 1
  Anyviewer -- HTTPS Activity 1
  Anyviewer -- Proprietary Protocol 1
  MRemoteNG -- HTTPS Activity 1
  Mikogo -- HTTP Activity
  GoToMyPC -- Client Request (Outbound) [Reqs all Citrix sigs]
  ConnectWise Control -- HTTPS Activity 2
  Ammyy Admin -- TCP Activity 1
  Ammyy Admin -- TCP Activity 2
  LogMeIn Hamachi -- Registration (Meditation Server)
  ISL Light -- HTTPS Activity 2
  Hop To Desk -- HTTPS Activity 1
  NinjaOne RMM -- HTTPS Activity 1
  LogMeIn -- HTTPS Activity 2
  BeamYourScreen -- HTTPS Activity 1
  BeamYourScreen -- DNS Query
  BeamYourScreen -- HTTP Activity
  Techinline -- SSL/TLS Activity
  Anyplace Control -- TCP Activity 1
  Anyplace Control -- TCP Activity 2
  Anyplace Control -- TCP Activity 3
  Input Director -- TCP Activity
  Input Director -- UDP Activity
  SoonR Desktop Agent -- SSL/TLS Activity
  Fixme -- Client request
  Rustdesk -- HTTPS Activity 1
  Rustdesk -- HTTP Activity 1
  BeamYourScreen -- TCP Activity
  LogMeIn Hamachi -- HTTP Activity 2
  Single Click Connect -- HTTPS Activity
  Citrix -- TCP Activity (JEDI Request)
  Citrix -- TCP Activity (JEDI Reply)
  Citrix -- SSL/TLS Activity 1
  TeamViewer -- HTTPS Activity 2
  TeamViewer -- Proprietary Protocol (over UDP) 1
  TeamViewer -- Proprietary Protocol (over UDP) 2
  TeamViewer -- HTTP Activity 1
  TeamViewer -- HTTP Activity 2
  RemoteView -- HTTP Activity 1
  RemoteView -- HTTPS Activity
  RemoteView -- Login 2
  RemoteView -- HTTP Activity 2
  Citrix -- SSL/TLS Activity 2
  Citrix -- UDP Activity (JEDI Request)
  GoToMyPC -- Server Response (Inbound) 2 [Reqs all Citrix sigs]
  Citrix -- HTTP Activity (JEDI Request)
  Avocent -- TCP Activity (KVM Remote Control)
  Avocent -- HTTPS Activity
  DeskShare -- TCP Activity
  ISL Light -- HTTPS Activity 1
  Jump Desktop -- HTTP Activity
  Jump Desktop -- HTTP Activity (relay.google.com)
  Jump Desktop -- HTTPS Activity
  Jump Desktop -- DNS Query
  Jump Desktop -- DNS Query (relay.google.com)
  NetOp Remote Control -- UDP Activity 1
  NetOp Remote Control -- UDP Activity 2
  NetOp Remote Control -- TCP Activity 1
  NetOp Remote Control -- TCP Activity 2
  NetOp Remote Control -- TCP Activity 3
  NetOp Remote Control -- HTTP Activity 1
  NetOp Remote Control -- HTTP Activity 2
  pcvisit Remote -- HTTP Activity
  NTRglobal -- HTTPS Activity
  PhoneMyPC -- HTTPS Activity
  Splashtop Remote Desktop -- HTTP Activity 1
  Splashtop Remote Desktop -- HTTP Activity 2
  PCAnywhere -- UDP Activity (Host Discovery) 1
  PCAnywhere -- UDP Activity (Host Discovery) 2
  PCAnywhere -- Proprietary Protocol
  TeamViewer -- HTTPS Activity 1
  TeamViewer -- DNS Query
  Ammyy Admin -- HTTP Activity
  Single Click Connect -- HTTP Activity
  Single Click Connect -- DNS Query
  Zook -- DNS Query
  Zook -- HTTP Activity
  Zook -- TCP Activity
  PC-over-IP Remote Desktop -- UDP Activity (Data Channel Out)
  PC-over-IP Remote Desktop -- UDP Activity (Data Channel In)
  Chrome Remote Desktop -- Authentication
  Chrome Remote Desktop -- DNS Query (Client)
  Chrome Remote Desktop -- HTTPS Activity (Host)
  Chrome Remote Desktop -- HTTPS Activity (Client)
  Chrome Remote Desktop -- DNS Query (Host)
  TeamViewer -- Proprietary Protocol (over TCP) 2
  Join Me -- HTTPS Activity
  Join Me -- HTTP Activity
  BeamYourScreen -- HTTPS Activity 2
  NTRglobal -- HTTP Activity
  Chrome Remote Desktop -- STUN Activity
  Thinfinity Remote Desktop Server -- HTTPS Activity
  Connectify -- DNS Query
  Connectify -- HTTPS Activity
  AnyDesk Remote Desktop -- HTTPS Activity
  ConnectWise Control -- HTTP Activity
  ConnectWise Control -- TCP Activity
  Alpemix VNC -- HTTP Activity 1
  Alpemix VNC -- HTTP Activity 2
  Alpemix VNC -- TCP Activity 1
  Alpemix VNC -- TCP Activity 2
  Alpemix VNC -- TCP Activity 3
  Livecare -- App Feature (Chat) 1
  Livecare -- HTTPS Activity
  Livecare -- App Feature (Chat) 2
  SupRemo Remote Desktop -- SSL/TLS Activity 2
  SupRemo Remote Desktop -- SSL/TLS Activity 3
  Iperius Remote Desktop -- HTTPS Activity
  VNC (Remote Frame Buffer) -- Server Response


Relevant Information