Network Sensor 22.21 contains 27 new events to provide protection against multiple backdoor threats, ePolicy Orchestrator, and one new event for the Sasser Worm to compliment our preemptive protection coverage of that issue. 22.21 is the next in the series after 22.19.


Checks:

RiskVulnIDCheck NameCategory
High2389BackDoor_TCP_ResponseUnauthorized Access Attempt
Low10627Edonkey_ConnectSuspicious Activity
Low10627Edonkey_DownloadSuspicious Activity
High14166EPolicy_Orchestrator_Vulnerable_ServerUnauthorized Access Attempt
High15053TheFlu_TCP_RequestUnauthorized Access Attempt
High15110VoodooDoll_TCP_RequestUnauthorized Access Attempt
High15114Mantis_TCP_ResponseUnauthorized Access Attempt
High15116MicroSpy_TCP_ResponseUnauthorized Access Attempt
High15118Oblivion_TCP_ResponseUnauthorized Access Attempt
High15148Balistix_RequestUnauthorized Access Attempt
High15148Balistix_ResponseUnauthorized Access Attempt
High15150BasicHell_TCP_ResponseUnauthorized Access Attempt
High15151BDDT_TCP_ResponseUnauthorized Access Attempt
High15153Bigorna_TCP_ResponseUnauthorized Access Attempt
High15156Bla_RequestUnauthorized Access Attempt
High15157DigitalRootBeer_TCP_RequestUnauthorized Access Attempt
Medium15646HTTP_Connect_Proxy_Bypass_SMTPSuspicious Activity
High15767HTTP_POST_Content_Length_NegativeUnauthorized Access Attempt
High15792Celine_TCP_ResponseUnauthorized Access Attempt
High15793DFchGrisch_TCP_ResponseUnauthorized Access Attempt
High15944BladeRunner_TCP_RequestUnauthorized Access Attempt
High15944BladeRunner_TCP_ResponseUnauthorized Access Attempt
High15947Cafeini_TCP_ResponseUnauthorized Access Attempt
Medium15952HTTP_ConnectSuspicious Activity
High15961CrackDown_TCP_ResponseUnauthorized Access Attempt
Low16007DirectConnect_ConnectProtocol Signature
High16045Sasser_PropagationUnauthorized Access Attempt

If you are an existing customer or partner, and you wish to download X-Press Updates from our download center, click here.