DDI RULE 2380
2018年12月7日
DESCRIPTION NAME:
CVE-2017-0147 - Information Disclosure Exploit - SMB (Request)
CONFIDENCE LEVEL:
SEVERITY INBOUND:
SEVERITY OUTBOUND:
Informational
Low
Medium
High
概要
This is the Trend Micro detection for malicious SMB network packet that manifest any of the following actions:
- Exploit
This attack is used for Point of Entry or Lateral Movement
詳細
Attack Phase: Point of Entry or Lateral Movement
Protocol: SMB
Risk Type: OTHERS
(Note: OTHERS can be network connections related to hacking attempts, exploits, connections done by grayware, or suspicious traffic.)
Threat Type: Exploit
Confidence Level: Medium
Severity: Medium
DDI Default Rule Status: Enable
Event Class: Exploit
Event Sub Class: Generic
Behavior Indicator: Exploit
APT Related: NO
対応方法
Network Content Inspection Pattern Version: 1.13217.00
Network Content Inspection Pattern Release Date: 07 Mar 2018
Network Content Correlation Pattern Version: 1.12813.00
Network Content Correlation Pattern Release Date: 19 Apr 2017
ご利用はいかがでしたか? アンケートにご協力ください