""ET POLICY RMI Request Outbound""
SID: 2034718
Revision: 3
Class Type: policy-violation
Metadata: attack_target Client_and_Server, created_at 2021_12_14, deployment Perimeter, signature_severity Informational, updated_at 2021_12_16
Reference:
Protocol: tcp
Source Network: [$HOME_NET,$HTTP_SERVERS]
Source Port: any
Destination Network: $EXTERNAL_NET
Destination Port: any
Flow: established,to_server
Contents:
- Value: "|4a 52 4d 49 00|" Depth: 5
Within:
PCRE: "/^(?:\x01|\x02)(?:\x4b|\x4c|\x4d)/R"
Special Options:
- fast_pattern