[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISSForum] Server Sensor 7.0 - XPU 20.11 Now Available!

To: <issforum@xxxxxxx>
Subject: [ISSForum] Server Sensor 7.0 - XPU 20.11 Now Available!
From: "Solutions Marketing" <SolutionsMarketing@xxxxxxx>
Date: Wed, 9 Apr 2003 13:06:30 -0400
Delivery-date: Wed, 09 Apr 2003 22:18:49 +0200
Envelope-to: iss@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
List-archive: <https://atla-mm1.iss.net/mailman/private/issforum/>
List-help: <mailto:issforum-request@iss.net?subject=help>
List-id: ISS Forum <issforum.iss.net>
List-post: <mailto:issforum@iss.net>
List-subscribe: <https://atla-mm1.iss.net/mailman/listinfo/issforum>, <mailto:issforum-request@iss.net?subject=subscribe>
List-unsubscribe: <https://atla-mm1.iss.net/mailman/listinfo/issforum>, <mailto:issforum-request@iss.net?subject=unsubscribe>
Reply-to: "Washburn, Lisa (ISSAtlanta)" <LWashburn@xxxxxxx>
Sender: issforum-admin@xxxxxxx
Thread-index: AcL+ul1phZdZERbPSZm8BM0+ubrVGg==
Thread-topic: Server Sensor 7.0 - XPU 20.11 Now Available!

RealSecure® Server Sensor 7.0 - XPU 20.11 is now available from the ISS Download Center: <http://www.iss.net/download/>.  

PROTECTION BENEFITS

Included in this release are forty-two new events including protocol anomaly detections and signatures.  

	*	Application Protection.  This release contains events to address issues in Peoplesoft, Trillian, Sendmail, SQL server, eDonkey, Gnutella, IIS and others.  

	*	Platform Protection.  Protection for issues in Windows and Unix operating systems is included. 


NEW EVENTS

SecChkID  	ProductCheckName              		Event Type                 		Risk Level
-------   		----------------              			---------                   		----------
142		Trace_Route_UDP			Pre-attack Probe		Low
4191		SNMP_ipForwarding			Protocol Signature		Low
4191		SNMP_ipRouteTable			Protocol Signature		Low
4191		SNMP_RMON_Collections		Protocol Signature		Low
4191		SNMP_Show_LMUsers			Protocol Signature		Low
4191		SNMP_ifTable				Protocol Signature		Low
4192		SNMP_CiscoMgmt_Ping		Protocol Signature		Low
4192		SNMP_trapAuthFailure			Protocol Signature		Low
7284		Telnet_Solaris_Forced_Login		Unauthorized Access Attempt	High
9447		Email_Virus_Double_Extension		Suspicious Activity		Medium
9448		SMTP_Virus_Recipient			Suspicious Activity		High
9600		HTTP_GET_CreateTable			Unauthorized Access Attempt	High
9601		HTTP_POST_CreateTable		Unauthorized Access Attempt	High
9602		HTTP_GET_GroupBy			Unauthorized Access Attempt	High
9603		HTTP_POST_GroupBy			Unauthorized Access Attempt	High
9604		HTTP_GET_ComputeSum		Unauthorized Access Attempt	High
9605		HTTP_POST_ComputeSum		Unauthorized Access Attempt	High
9666		SQL_SSRP_DoS			Suspicious Activity		High
9851		FastTrack_Download			Protocol Signature		Low
10254		HTTP_IE_Help_Overflow			Unauthorized Access Attempt	Medium
10370		HTTP_IIS_Host_DoS			Protocol Signature		Medium
10520		HTTP_POST_PeopleSoft_XXE		Unauthorized Access Attempt	Medium
10568		HTTP_JRun_IIS_Overflow		Unauthorized Access Attempt	High
10626		Gnutella_BearShare			Suspicious Activity		Low
10627		HTTP_EDonkey				Suspicious Activity		Low
10659		HTTP_MDAC_RDS_Overflow		Unauthorized Access Attempt	High
10748		SMTP_Sendmail_Header_Parse_OverflowUnauthorized Access Attempt	High
10776		HTTP_CobaltRAQ_OverflowCGI		Unauthorized Access Attempt	High
10781		Gnutella_LimeWire			Suspicious Activity		Low
10803		IMAP_WU_Imapd_BO			Unauthorized Access Attempt	High
10834		AOLIM_Trillian_Encrypt_Handshake	Protocol Signature		Low
10956		RPC_Large_Fragmented			Unauthorized Access Attempt	High
10962		HTTP_POST_PeopleSoft_Traversal	Unauthorized Access Attempt	High
11059		HTTP_OfficeScan_Auth_Bypass		Unauthorized Access Attempt	High
11061		HTTP_ScanMail_Auth_Bypass		Unauthorized Access Attempt	High
11063		HTTP_TrendVCS_Auth_Bypass		Unauthorized Access Attempt	Low
11073		DHCP_Minires_Format_Overflow		Unauthorized Access Attempt	High
11132		MSRPC_Locator_BO			Unauthorized Access Attempt	High
11153		SQL_SSRP_Slammer_Worm		Suspicious Activity		High
11173		IRC_Automated_Client			Unauthorized Access Attempt	High
11263		POP_User_Root			Suspicious Activity		Medium
11533		HTTP_WebDAV_Long_Rqst_BO		Protocol Signature		High


VERSIONS/PLATFORMS

XPU 20.11 applies to Server Sensor 7.0 for HP-UX.  Supported management consoles include Workgroup Managers 6.7 and SiteProtector 2.0, Service Pack 1.

For more information on this release, please contact the following:

* For additional product information:
-	Server Sensor, http://www.iss.net/products_services/enterprise_protection/rsserver/protector_server.php

*  For sales and professional services information:
-	sales@xxxxxxx <mailto:sales@xxxxxxx> 
-	800-776-2362 (U.S. and Canada); +1-404-236-2600 (International)

*  For support information, including ISS' Technical Support Knowledgebase: 
-	Customer Support - <http://www.iss.net/support/enterprise/index.php>  
-	Technical Support Knowledgebase - <http://www.iss.net/support/knowledgebase/>

*  For additional information regarding common issues experienced when downloading XPUs, please reference Answer ID 1843 in the ISS knowledgebase - <http://www.iss.net/support/knowledgebase/>





_______________________________________________
ISSForum mailing list
ISSForum@xxxxxxx

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo

Prev by Date: RE: [ISSForum] ISS Internet Scanner 6.21 Help required
Next by Date: [ISSForum] advanced parameters in RS7.0
Previous by thread: [ISSForum] Server Sensor Compatability with MS Server 2003
Next by thread: [ISSForum] advanced parameters in RS7.0
Index(es):
- Date
- Thread