Contact us

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries

Services

Services

Take me to HPE.com

SHELLCODE: Base64 X86 NOOP Detection Over TCP-CTS (1)

This signature detects payloads being transferred over network that have been using base64 x86 NOOP. This may be an indication of someone trying to evade anti-virus/IPS solutions and possibly drop malicious code.

References

URL: http://www-1.ibm.com/support/docview.wss?uid=swg21285600 http://www.coresecurity.com/index.php5?action=item&id=2008

Short Name

SHELLCODE:X86:BASE64-NOOP-CTS-1

Severity

Critical

Recommended

False

Recommended Action

None

Category

SHELLCODE

Keywords

(1) Base64 Detection NOOP Over TCP-CTS X86

Release Date

08/17/2015

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version

3324

Port

TCP/0-79,81-442,444-3127,3129-7999,8001-8079,8081-65535

False Positive

Rarely