Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 MS-RPC:EPDUMP-SCAN-2

Severity

 Low

Recommended

 Yes

Recommended Action

 Drop

Category

 MS-RPC

Keywords

 epdump

Release Date

 2013/01/24

Update Number

 2228

Supported Platforms

 di-5.3+

MS-RPC: Epdump Scan Detected (2)


This anomaly detects a client enumerating MSRPC endpoints on a windows server. This can indicate a probing scan prior to a more sophisticated attack.

Extended Description

A remote attacker could enumerate the MSRPC services on a Windows Server by using EPDump to systematically query the End Point Mapper. With this information, an attacker could plan attacks to compromise the server.

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out