The rule is designed to trigger an alert when it detects a SunRPC Portmap GETPORT request in the network traffic. The specific content pattern in the rule corresponds to the GETPORT request for the SunRPC Portmap service.
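To show what such a pattern keys on, here is an added example (not the rule's own content match, which this page does not reproduce) that decodes a payload as an ONC RPC call and reports a match only for Portmap version 2 GETPORT. It assumes the RFC 5531 call layout and the RFC 1833 portmap mapping; the function names and the sample packet are constructed for illustration.

```python
import struct

PMAP_PROG = 100000        # portmapper RPC program number (RFC 1833)
PMAP_VERS = 2             # portmap v2; rpcbind v3/v4 define procedure 3 differently
PMAPPROC_GETPORT = 3
RPC_CALL = 0
RPC_VERSION = 2
IPPROTO = {6: "tcp", 17: "udp"}


def _skip_opaque_auth(buf, off):
    """Skip one opaque_auth (flavor, length, body padded to 4 bytes)."""
    if off + 8 > len(buf):
        raise ValueError("truncated auth header")
    _flavor, length = struct.unpack_from(">II", buf, off)
    if length > 400:                      # RFC 5531 caps auth bodies at 400 bytes
        raise ValueError("oversized auth body")
    return off + 8 + ((length + 3) & ~3)


def parse_getport(payload, over_tcp=False):
    """Return the GETPORT query as a dict, or None if payload is not one."""
    if over_tcp:                          # strip the 4-byte record-marking header
        payload = payload[4:]
    if len(payload) < 24:
        return None
    xid, mtype, rpcvers, prog, vers, proc = struct.unpack_from(">6I", payload, 0)
    if (mtype, rpcvers, prog, vers, proc) != (
            RPC_CALL, RPC_VERSION, PMAP_PROG, PMAP_VERS, PMAPPROC_GETPORT):
        return None
    try:
        off = _skip_opaque_auth(payload, 24)      # credentials
        off = _skip_opaque_auth(payload, off)     # verifier
        q_prog, q_vers, q_prot, _port = struct.unpack_from(">4I", payload, off)
    except (ValueError, struct.error):
        return None                       # malformed or truncated: no clean match
    return {"xid": xid, "program": q_prog, "version": q_vers,
            "protocol": IPPROTO.get(q_prot, str(q_prot))}


def build_sample(proc=PMAPPROC_GETPORT):
    """Constructed sample: AUTH_NONE call asking for NFS (100003) v3 over UDP."""
    header = struct.pack(">6I", 0x1234ABCD, RPC_CALL, RPC_VERSION,
                         PMAP_PROG, PMAP_VERS, proc)
    null_auth = struct.pack(">II", 0, 0)
    return header + null_auth * 2 + struct.pack(">4I", 100003, 3, 17, 0)
```

The decoded `program` field is what makes the alert useful for triage, since it shows which RPC service the client was trying to locate.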
This alert triggers on an attempt to download or transfer the EICAR test file. The EICAR test string is used to test the responsiveness of computer antivirus programs. It poses no security risk but triggers antivirus software in the same manner as a real virus. The alert may fire when an adversary downloads or transfers the EICAR test string to test the effectiveness or presence of an antivirus solution on a system.
This alert triggers on an attempt to access the Adobe ColdFusion administration interface. Adobe ColdFusion is a powerful web application development platform. The alert may fire when an adversary is attempting to gain unauthorized access to the ColdFusion admin interface.