SonicALERT
Search

Sonicwall Signatures


Go to All Categories list.
Go to All Applications list.

Category: PROTOCOLS

PROTOCOLS Category Description

This SonicWALL IPS signature category consists of a group of signatures that can detect and prevent certain protocols on network.

  Telnet -- WILL ECHO Command
  Telnet -- DO ECHO Command
  SOAP -- Inbound Request 1
  SOAP -- Outbound Request 1
  SSH Protocol -- Generic Protocol Detection
  SMB -- IPC$ Share Access
  SMB -- IPC$ Share Access (Unicode)
  Telnet -- Outbound to Client Standard Port
  Telnet -- Inbound to Client Standard Port
  LDAP v3 -- Inbound TLS Connection
  LDAP v3 -- Outbound TLS Connection
  LDAP v3 -- Inbound SASL Connection
  LDAP v3 -- Outbound SASL Connection
  NNTP -- Outbound Request
  NNTP -- Inbound Request
  SNMP -- public Access (UDP)
  SNMP -- public Access (TCP)
  SNMP -- private Access (UDP)
  STUN -- Binding Request
  Telnet -- Inbound to Server Standard Port
  Telnet -- Outbound to Server Standard Port
  DNS Protocol -- Standard Query Response (Authoritative)
  DNS Protocol -- Standard Query Response (Non-Authoritative)
  DNS Protocol -- Standard Query A (RD=0)
  IMAP -- Outbound Server Response 1
  POP -- Inbound Connection
  HTTP Protocol -- GET
  HTTP Protocol -- POST
  SMTP -- Outgoing Client HELO Request
  SMTP -- Outgoing Client EHLO Request
  SSL -- SSLv3.0
  SSL -- TLSv1.0 (SSLv3.1)
  IMAP -- Inbound Server Response 2
  POP -- Outbound Connection
  SMB -- Outbound Traffic
  DNS Protocol -- Standard Query A
  ICMP -- Echo (8)
  ICMP -- Echo Reply (0)
  ICMP -- Redirect (5)
  ICMP -- Destination Unreachable (3)
  POP -- Inbound Connection TLS
  Teredo -- UDP Traffic
  H.248 Protocol -- Megaco
  H.248 Protocol -- Megaco Reply
  DHCP Protocol -- Boot Protocol
  NTLMSSP -- Authentication
  DCERPC -- Bind Request
  DCERPC -- Bind Reply
  HTTP Protocol -- PUT
  HTTP Protocol -- HEAD
  FTP -- FTP Proxy Connection
  LDAP v3 -- Kerberos
  HTTP Protocol -- Status 206 Partial Content
  HTTP Protocol -- Content-Range Header
  DNS Protocol -- Standard Query .info Information Domains
  DNS Protocol -- Standard Query .com Commercial Domains
  DNS Protocol -- Standard Query .org Organizaion Domains
  DNS Protocol -- Standard Query .net Network Domains
  DNS Protocol -- Standard Query .xxx Adult Entertainment Domains
  DNS Protocol -- Standard Query .cn China Domains
  DNS Protocol -- Standard Query A Reverse Lookup
  HTTP Protocol -- Range Header
  SNMP -- Version 1
  SNMP -- Version 2
  SNMP -- Version 3
  Apple Filing Protocol -- File Sharing Request
  Apple Filing Protocol -- File Sharing Reply
  Apple Bonjour -- Multicast DNS Standard Query
  Apple Bonjour -- Multicast DNS Standard Respone
  SSL -- TLSv1.1
  SSL -- TLSv1.2
  FTP -- Control Channel Incoming Request (Any Port)
  WebDAV -- PROPFIND Request
  WebDAV -- MOVE Request
  WebDAV -- COPY Request
  WebDAV -- LOCK Request
  WebDAV -- UNLOCK Request
  WebDAV -- MKCOL Request
  WebDAV -- PROPPATCH Request
  FTP -- Control Channel Outgoing Request (Any Port)
  SMTP -- Incoming Client HELO Request
  SMTP -- Incoming Client EHLO Request
  IMAP -- Inbound Server Response 1
  SMB -- Inbound Traffic
  SMB2 -- Inbound Traffic
  SMB2 -- Outbound Traffic
  IMAP -- TLS Response From Server
  IMAP -- Plaintext Login
  FTP -- Data channel (generic)
  H.323 Protocols -- Data channel
  SMTP -- TLS Connection Offer From Server
  IMAP -- Outbound Server Response 2
  IMAP -- TLS Request to Server
  POP -- Outbound Connection TLS
  SSH Protocol -- Client Request Inbound
  SSH Protocol -- Client Request Outbound
  WebSocket -- Upgrade Request
  SSL -- SPDYv3.1 Client Hello
  STUN -- Allocate Request
  Aspera FASP Protocol -- Control Channel
  Aspera FASP Protocol -- Data Channel
  Aspera FASP Protocol -- HTTPS Activity
  FTP -- PUT Command (Any Port)
  FTP -- GET Command (Any Port)
  HTTP Protocol -- OPTIONS
  HTTP Protocol -- DELETE
  HTTP Protocol -- CONNECT
  HTTP Protocol -- TRACE
  WebSocket -- Client Request
  WebSocket -- Server Response
  STUN -- Magic Cookie 0x2112A442
  STUN -- UDP TURN Magic Cookie 0x72C64BC6
  STUN -- TCP TURN Magic Cookie 0x72C64BC6
  DNS Protocol -- DNS Over HTTPS (DoH) 1 [Reqs DPI-SSL]
  DNS Protocol -- DNS Over HTTPS (DoH) 2 [Reqs DPI-SSL]
  DNS Protocol -- DNSSEC
  JSON -- Inbound Request
  JSON -- Outbound Request
  XML-RPC -- Inbound Request
  XML-RPC -- Outbound Request
  SOAP -- Inbound Request 2
  SOAP -- Outbound Request 2


Relevant Information