""ET DOS CLDAP Amplification Reflection (PoC based)""
SID: 2024584
Revision: 1
Class Type: attempted-dos
Metadata: affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, affected_product Linux, attack_target Server, created_at 2017_08_16, deployment Perimeter, performance_impact Significant, signature_severity Major, updated_at 2017_08_16
Reference:
Protocol: udp
Source Network: $EXTERNAL_NET
Source Port: 389
Destination Network: $HOME_NET
Destination Port: 389
Flow:
Contents:
- Value: "|30 84 00 00 00 2d 02 01 01 63 84 00 00 00 24 04 00 0a 01 00|"
Within:
PCRE:
Special Options:
- fast_pattern