Rule Category

PROTOCOL-RPC -- Snort has detected traffic that may indicate the presence of the rpc protocol or vulnerabilities in the rpc protocol on the network.

Alert Message

PROTOCOL-RPC mountd UDP dump request

Rule Explanation

The RPC service mountd enables clients to connect to networked file dismounted via UDP. Impact: Denial of network resources to users on the local area network. Details: This may be an attempt to deny access to network resources from an unauthorized source. It may also be indicative of an attacker probing for RPC services on a host in an attempt to discover a possible entry point to network resources via a vulnerable daemon. Ease of Attack: Simple

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Brian Caswell Nigel Houghton

Rule Groups

No rule groups

CVE

None

Rule Vulnerability

No information provided

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.

None