MediumRealSecure Network, RealSecure Server Sensor, RealSecure Desktop Protector, BlackICE Server Protection, BlackICE PC Protection, RealSecure Sentry, RealSecure Guard, BlackICE Agent for Server, IBM Security Server Protection for Windows, Proventia Network MFS, Proventia Desktop, Proventia-G 1.1 and earlier, Proventia Network IDS, Proventia Server IPS for Linux technology, Proventia Network IPS, RealSecure Desktop Protector 3.6, Virtual Server Protection for Vmware:
This event detects URL requests used by certain vulnerability scanners that an attacker may use to scan your network for vulnerabilities.
This signature detects URL requests used by certain vulnerability scanners that an attacker may use to scan your network for vulnerabilities.
Medium
RealSecure Network: 7.0, RealSecure Server Sensor: 7.0, RealSecure Desktop Protector: 3.6, BlackICE Server Protection: 3.6.cbd, BlackICE PC Protection: 3.6.cbd, RealSecure Sentry: 3.6, RealSecure Guard: 3.6, BlackICE Agent for Server: 3.6, IBM Security Server Protection for Windows: 2.1.14.2400, IBM Security Server Protection for Windows: 1.0.914.0, Proventia Network MFS: 1.0, Proventia Desktop: 8.0.614.1, Proventia-G 1.1 and earlier: G Series, Proventia Network IDS: A Series, RealSecure Desktop: baseline, Proventia Server IPS for Linux technology: 1.0, Proventia Network IPS: 2.0, RealSecure Desktop Protector 3.6: baseline, Virtual Server Protection for Vmware: 1.0
Various vendors Any application, IETF HTTP/1.1
Pre-attack Probe
A remote attacker is scanning a Web site for potentially vulnerable URLs.
Ensure that your personal firewall, operating system, and programs are up-to-date in order to minimize the threat of a system compromise.
ISS X-Force
HTTP URL scan
http://www.iss.net/security_center/static/8534.php