MediumRealSecure Network, RealSecure Desktop Protector, BlackICE Agent for Server, RealSecure Server Sensor, RealSecure Sentry, RealSecure Guard, BlackICE PC Protection, Proventia Server IPS for Microsoft Windows technology, BlackICE Server Protection, Proventia Network IPS, Proventia Desktop, Proventia Server IPS for Linux technology, RealSecure Desktop Protector 3.6, Proventia Network MFS, Proventia Network IDS, Proventia-G 1.1 and earlier:
This signature detects URL requests used by certain vulnerability scanners that an attacker may use to scan your network for vulnerabilities.
Medium
RealSecure Network: 7.0, RealSecure Desktop Protector: 3.6, BlackICE Agent for Server: 3.6, RealSecure Server Sensor: 7.0, RealSecure Sentry: 3.6, RealSecure Guard: 3.6, BlackICE PC Protection: 3.6.cbd, Proventia Server IPS for Microsoft Windows technology: 1.0.914.0, BlackICE Server Protection: 3.6.cbd, Proventia Network IPS: 2.0, Proventia Desktop: 8.0.614.1, Proventia Server IPS for Linux technology: 1.0, RealSecure Desktop Protector 3.6: baseline, Proventia Network MFS: 1.0, Proventia Network IDS: A Series, Proventia-G 1.1 and earlier: G Series, RealSecure Desktop: baseline
Various vendors Any application, IETF HTTP/1.1
Pre-attack Probe
A remote attacker is scanning a Web site for potentially vulnerable URLs.
Ensure that your personal firewall, operating system, and programs are up-to-date in order to minimize the threat of a system compromise.
ISS X-Force
HTTP URL scan
http://www.iss.net/security_center/static/8534.php