Sourcefire 3D System Vulnerability Database (VDB) Update
Date: 2014-03-31
This VDB: 196
Previous VDB: 195
Sourcefire 3D System Version 4.9.x:
Defense Centers and 3D Sensors
RNA for Red Hat Linux
3D Sensor Software for Crossbeam X-Series
Sourcefire 3D System Version 4.10.x:
Defense Centers and 3D Sensors
3D Sensor Software for Crossbeam X-Series
Sourcefire 3D System Version 5.x:
Defense Centers
Supported Detector Types:
service (4.9.1 and 4.10.x) and application protocol (5.x)
client application (4.10.x) and client (5.x)
payload (any 4.10.x release including and above 4.10.1) and web application (5.x)
IMPORTANT! Some application protocol, client, and web application detectors are supported in Version 5.x only. This Advisory refers to these as FireSIGHT application detectors.
Download the VDB update and obtain update instructions from the Sourcefire Support Site at https://support.sourcefire.com. Note that the time it takes to update the VDB can vary. For more information, see the online help on your appliance or download the Sourcefire 3D System User Guide from the Support Site.
VDB Changelog:
from version 195 (3:11:32 PM on March 20th, 2014 UTC)
to version 196 (3:32:37 PM on March 24th, 2014 UTC)
Service (4.x) and Application Protocol (5.x) Detectors
Total Added:
1
Total Removed:
0
Total Updated:
0
Client Application (4.x) and Client (5.x) Detectors
Total Added:
1
Total Removed:
0
Total Updated:
0
Payload (4.x) and Web Application (5.x) Detectors
Total Added:
549
Total Removed:
2
Total Updated:
0
FireSIGHT Detector Updates (5.x)
Total Added:
17
Total Removed:
3
Total Modified:
0
Operating System Fingerprint Details
Total Added:
2
Total Removed:
1
Total Updated:
5
Operating System and Hardware Fingerprint Details (5.1.x)
Total Added:
8
Total Removed:
0
Total Updated:
0
Vulnerability References
Total Added:
0
Total Removed:
0
Total Updated:
0
Fingerprint References
Total Added:
0
Total Removed:
0
Total Updated:
0
File Type Detectors (5.2.x)
Total Added:
0
Total Removed:
0
Total Updated:
0
Operating System Fingerprint Details:
NetBSD NetBSD NetBSD 2.0 (ID 30042) removed
NetBSD NetBSD NetBSD 2.0 (ID 41042) added
Apple Mac OSX Mac OSX 10.9.2 (ID 130046) added
Apple Mac OSX; iOS Mac_OSX 10.5, 10.6, 10.8, 10.8.3, 10.8.4, 10.8.5, 10.9, 10.9.2; iOS 5.1.1, 6.0, 6.0.1, 6.0.2, 6.1, 6.1.4 (ID 924) updated
Apple Mac OSX or iOS Mac_OSX 10.5, 10.6, 10.7, 10.8.2 or iOS 7.0.3, 7.0.6, 7.1 (ID 30923) updated
Apple Mac OSX or iOS Mac_OSX 10.5, 10.6, 10.8, 10.8.2, 10.8.3, 10.8.4, 10.8.5, 10.9, 10.9.2 or iOS 5.0, 5.0.1, 5.1, 5.1.1, 6.0, 6.0.1, 6.0.2, 6.1, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 7.0, 7.0.2, 7.0.3, 7.0.4, 7.0.6, 7.1 (ID 30924) updated
Apple Mac OSX Mac OSX 10.7, 10.8, 10.8.3, 10.8.4, 10.8.5, 10.9, 10.9.2 (ID 60191) updated
Apple iOS iOS 3.1.2, 4.2.1, 5.0.1, 5.1, 5.1.1, 6.0, 6.0.1, 6.0.2, 6.1, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 7.0, 7.0.2, 7.0.3, 7.0.4, 7.0.6, 7.1 (ID 60192) updated
Operating System and Hardware Fingerprint Details (5.1.x)::
Apple iOS iOS 7.1 (ID 70135) added
Apple iOS iOS 7.1 (ID 70136) added
Apple iOS iOS 7.1 (ID 70137) added
Apple iOS iOS 7.0.6 (ID 70138) added
Apple iOS iOS 7.0.6 (ID 70139) added
Apple iOS iOS 7.0.6 (ID 70140) added
Apple iOS iOS 7.0.6 (ID 70141) added
Apple iOS iOS 7.0.6 (ID 70142) added
Service (4.x) and Application Protocol (5.x) Detectors:
VDOLive: Real time Video and Audio streaming traffic. added
Client Application (4.x) and Client (5.x) Detectors:
Tomatopang: Korean Peer to Peer file-sharing application. added
Payload (4.x) and Web Application (5.x) Detectors:
3Com AMP3: Registered with IANA on port 629 TCP/UDP. added
3GPP: GPRS Tunneling Protocol used for carrying user data. added
Access Network: Registered with IANA on port 699 TCP/UDP. added
AccessBuilder: A family of dial-in remote access servers for mobile computer users and remote office workers. added
Active Networks: A networking technology used to enable unique processing of each network packet. added
Adaptive Receive Node Scheduling: Registered with IANA on port 384 TCP/UDP. added
Adobe PostScript: A printing and imaging standard. added
Aeolon Core Protocol: Registered with IANA on port 599 TCP/UDP. added
AEP: AppleTalk Echo Protocol. added
AgentX: AgentX is an SNMP-related protocol. added
ALPES: Administration Delocalisee Par Emissions Securisee (ALPES) is a secure network administration protocol. added
AMInet: AMInet Protocol is used for communication and control of Alcorn McBride Inc. products. added
any host: Registered with IANA as IP Protocol 61. added
AODV: Ad hoc On-Demand Distance Vector (AODV) is a routing protocol for mobile ad hoc networks. added
Apertus Tech Load Distribution: Registered with IANA on port 539 TCP/UDP. added
appleqtcsrvr: Registered with IANA on port 545 TCP/UDP. added
AppleTalk Routing Maintenance: A protocol for AppleTalk routers to keep each other informed about the topology of the network. added
AppleTalk Unused: Registered with IANA on port 208 TCP/UDP. added
AppleTalk Zone Information Protocol: The Zone Information Protocol was the protocol by which AppleTalk network numbers were associated with zone names. added
ApplianceWare Managment Protocol: Registered with IANA on port 688 TCP/UDP. added
Applix ac: Registered with IANA on port 999 UDP. added
Argus: Registered with IANA as IP Protocol 13. added
Ariel2: Ariel allows users to send high-detail electronic images. added
Ariel3: Ariel allows users to send high-detail electronic images. added
ARIS: Aggregate Route-Based IP Switching establishes switched paths through a network. added
AS Server Mapper: Provides a method for client applications to determine the port number associated with a particular server. added
asa-appl-proto: Registered with IANA on port 502 TCP/UDP. added
Asipregistry: Registered with IANA on port 687 TCP/UDP. added
ATEXSSTR: Registered with IANA on port 212 TCP/UDP. added
auditd: The audit daemon operates as a server, monitoring /dev/audit for local audit data. added
Aurora CMGR: Registered with IANA on port 364 TCP/UDP. added
AURP: AppleTalk Update-based Routing Protocol (AURP) is an AppleTalk WAN routing protocol. added
Authentication Service: Provides a means to determine the identity of a user of a particular TCP connection. added
Avian: Registered with IANA on port 486 TCP/UDP. added
AX.25: AX.25 is a data link layer protocol derived from the X.25 protocol suite. added
BACnet: Building Automation and Control Networks is a communications protocol for building automation. added
Banyan VIP: Banyan VINES Internet Protocol. added
banyan-rpc: Registered with IANA on port 567 TCP/UDP. added
BB: Big Brother is a tool for systems and network monitoring. added
BBN RCC: Registered with IANA as IP Protocol 10. added
bgs-nsi: Registered with IANA on port 482 TCP/UDP. added
bmpp: BMPP allows spammers to discover if a mailbox is willing to accept bulk email. added
BNA: BNA is a suite of networking protocols for mainframes. added
Borland DSJ: Deployment Server for Java (DSJ) is a deployment service. added
Britton Lee IDM: Relational Database system. added
Bundle Discovery Protocol: A Multi-link PPP (MP) Link Control Protocol. added
CA Intl License Server: Registered with IANA on port 216 TCP/UDP. added
CAB Protocol: CAB Protocol exchanges real-time data between building automation systems. added
Cabletron Management Protocol: Registered with IANA on port 348 TCP/UDP. added
CadLock: Cadlock is used to access AutoCad drawings protected by CadVault. added
Call of Duty: Shooter video game series franchise. added
campaign contribution disclosures: Registered with IANA on port 667 TCP/UDP. added
CBT: The Core-Based Trees protocol is a multicast technology. added
CDDB: Compact Disc Database Protocol, for searching CD contents. added
CFDP: Coherent File Distribution Protocol, for one-to-many file transfer operations. added
cFTP: Client-Oriented File Transfer Protocol is a PHP-based file transfer protocol. added
CHAOSNet: CHAOSNet is one of the earliest local area network hardware implementations. added
Chat: Registered with IANA on port 531 TCP/UDP. added
Chshell: Registered with IANA on port 562 TCP/UDP. added
CIMPLEX: Registered with IANA on port 673 TCP/UDP. added
Cisco NAC: Cisco Network Admission Control is an access control system. added
Citrix Static: Citrix related service. added
CMIP/TCP Manager: Common Management Information Protocol, an OSI specified network management protocol. added
Collaborator: Registered with IANA on port 622 TCP/UDP. added
Combat Radio Transport Protocol: Transports the combat radio's data through in an internet network. added
Combat Radio User Datagram: Registered with IANA as IP Protocol 127. added
Commerce: Registered with IANA on port 542 TCP/UDP. added
Common Trace Facility: Registered with IANA on port 84 TCP/UDP. added
Compaq-Peer: Proprietary protocol used by HP to set up peer-to-peer networks. added
con: Registered with IANA on port 759 TCP/UDP. added
connendp: Almanid Connection Endpoint (connendp) is a part of Novell Directory Services. added
contentserver: A collaboration tool for web development. added
Corejrd: Registered with IANA on port 284 TCP/UDP. added
Courier Mail Server: A mail server. added
Covia: Manages audio, video, data and other types of communication between multiple systems. added
CP Heart Beat: Registered with IANA as IP Protocol 73. added
CP Network Executive: Registered with IANA as IP Protocol 72. added
cpq-wbem: Compaq Insight Manager Service. added
Crackle Video: Video streaming from Crackle. added
Cray Network Semaphore server: Registered with IANA on port 451 TCP/UDP. added
Cray Unified Resource Manager: Registered with IANA on port 606 TCP/UDP. added
Creative Partner: Registered with IANA on port 455 TCP/UDP. added
Creative Server: Registered with IANA on port 453 TCP/UDP. added
Cross Net Debugger: Cross Net Debugger is a networked debugger. added
CRYPTOAdmin: CRYPTOAdmin a remote authentication solution. added
CSNET Mailbox Name Nameserver: A relic of the Computer Science Network, which was "ARPANET-lite". added
CSTA: Registered with IANA on port 450 TCP/UDP. added
CU-SeeMe: Internet video conferencing client. added
Customer Ixchange: Registered with IANA on port 528 TCP/UDP. added
cvc_hostd: Registered with IANA on port 442 TCP/UDP. added
CVS pserver: An insecure method of remote access to a Concurrent Versions System (CVS) repository. added
Cybercash: An online currency transfer system. added
cycleserv: Registered with IANA on port 763 TCP/UDP. added
cycleserv2: Registered with IANA on port 772 TCP/UDP. added
D-II: Registered with IANA as IP Protocol 116. added
DataRamp Svr: Registered with IANA on port 461 TCP/UDP. added
DataRampSrvSec: Registered with IANA on port 462 TCP/UDP. added
DCE endpoint resolution: Registered with IANA on port 135 TCP/UDP. added
dcLINK: dcLINK Data Collection is inventory management software. added
DCN Measurement Subsystems: Registered with IANA as IP Protocol 19. added
dctp: Registered with IANA on port 675 TCP/UDP. added
DDM: IBM Lotus Domino domain monitoring, a management system for Domino networks. added
DDM DFM: Distributed Data Management Distributed File Management. added
DDM RRDA: Distributed Data Management Remote Relational Database Access. added
DDP: Datagram Delivery Protocol is a member of the AppleTalk networking protocol suite. added
DEC DLM: Registered with IANA on port 625 TCP/UDP. added
decap: Registered with IANA on port 403 TCP/UDP. added
Decbsrv: Registered with IANA on port 579 TCP/UDP. added
DEI-ICDA: Registered with IANA on port 618 TCP/UDP. added
Desknet's: Desknet's (by NEO) is a Japanese groupware application for resource sharing. added
device: Registered with IANA on port 801 TCP/UDP. added
HMMP Indication: Registered with IANA on port 612 TCP/UDP. added
HMMP Operation: Registered with IANA on port 613 TCP/UDP. added
HMP: Host Monitoring Protocol is a connectionless transport protocol. added
HP Network Management Center.: Network and systems management product. added
HTTP Alternate: HTTP Alternate is alternative port to port 80 that is used by HTTP. added
HTTP RPC Ep Map: The http-rpc-epmap endpoint mapper provides CIS parameters for Remote Procedure Call. added
Hulu Video: Hulu Video streaming. added
Hybrid Point of Presence: Takes TCP/IP packets from the Internet, modulates them into standard TV channels and feeds them to a TV system. added
Hyperwave-ISP: Hyperwave-ISP focuses on document and knowledge management in intranet environments. added
i-nlsp: Integrated Net Layer Security Protocol, a proposed security protocol. added
iafdbase: Registered with IANA on port 480 TCP/UDP. added
IAFServer: IAFServer is part of the Integrated Authentication Framework. added
IATP: Interactive Agent Transfer Protocol. added
IBM Director: IBM Director is an element management system. added
IBM NetView DM: IBM NetView Distribution Manager provides centralized management capabilities. added
IBM NetView DM/6000 Server/Client: IBM NetView Distribution Manager provides centralized management capabilities. added
IBP: Internet Backplane Protocol, middleware for managing and using remote storage. added
ICL coNETion locate server: Registered with IANA on port 886 TCP/UDP. added
ICL coNETion server info: Registered with IANA on port 887 TCP/UDP. added
ICMP: Internet Control Message Protocol. added
ICMP for IPv6: Internet Control Message Protocol version 6 (ICMPv6) is the implementation of the Internet Control Message Protocol (ICMP) for Internet Protocol version 6 (IPv6). added
idfp: Registered with IANA on port 549 TCP/UDP. added
IDPR: Inter-Domain Policy Routing Protocol. added
IDPR Control Message: Constructs and maintains routes between source and destination domains in an IDPR network. added
IDRP: Inter-Domain Routing Protocol, an exterior gateway protocol. added
IEEE-MMS-SSL: IEEE Media Management System, a distributed system for managing removable media. added
iFCP: Internet Fibre Channel Protocol. added
IFMP: Ipsilon Flow Management Protocol, is a label-switching protocol. added
IGRP: Cisco's Interior Gateway Routing Protocol is a distance vector interior routing protocol. added
IIOP Name Service over TLS/SSL: IIOP Name Service operates in Secure Socket Layer and Transport Layer Security(SSL/TLS). added
IL: The Internet Link Protocol or IL is a connection-based transport layer protocol. added
IMP Logical Address Maintenance: Registered with IANA on port 51 TCP/UDP. added
IMSP: The Internet Message Support Protocol, for mail provisioning. added
Intecourier: Registered with IANA on port 495 TCP/UDP. added
Integra Software Management Environment: Part of the Symantec Management Platform. added
Intel InBusiness: An email server. added
Internet Configuration Manager: Registered with IANA on port 615 TCP/UDP. added
Internet telephony tool: A set of data conferencing and telephony extensions for Netscape Navigator. added
intrinsa: Registered with IANA on port 503 TCP/UDP. added
IP in IP: Tunneling IP within IP. added
IP Mobility: An IETF standard communications protocol for mobile devices. added
IP-within-IP: IP-within-IP Encapsulation is a method for tunneling IP over IP. added
ipcd: Registered with IANA on port 576 TCP/UDP. added
IPComp: IP Payload Compression Protocol, reduces the size of IP datagrams. added
IPCU: Internet Packet Core Utility, registered with IANA as IP Protocol 71. added
ipdd: Registered with IANA on port 578 TCP/UDP. added
IPLT: Registered with IANA as IP Protocol 129. added
IPv6 encapsulation: A packet is encapsulated and carried as payload within an IPv6 packet. added
IPX: Internetwork Packet Exchange is a network layer protocol. added
IRC-SERV: A server software that implements the IRC Internet Relay Chat protocol. added
IRTP: Internet Reliable Transaction Protocol, a transport level host-to-host protocol. added
ISIS: Intermediate System-to-Intermediate System is an interior gateway routing protocol. added
ISO ILL Protocol: Interlibrary Loan (ILL), for communication between various document exchange systems. added
ISO SAP: A Service Access Point (SAP) is an end-system in ISO networking. added
ISO Transport Class 2 Non-Control over TCP: Implementation of ISO Transport Class 2 Non-use of Explicit Flow Control on top of TCP. added
iso-ip: OSI connectionless network layer protocol (CLNP) packets encapsulated in IP. added
ISO-TP0: A protocol that is used to bridge ISO TP0 packets between X.25 and TCP networks. added
itm-mcell-s: Registered with IANA on port 828 TCP/UDP. added
K-Block: Registered with IANA on port 287 TCP/UDP. added
Kali: An IPX network emulator for DOS and Windows. added
Kerberos Administration: Kerberos is a network authentication protocol. added
Key Server: A system that receives and then serves existing cryptographickeysto users. added
Klogin: Registered with IANA on port 543 TCP/UDP. added
Konspire2b: A content distribution system. added
kpasswd: Kerberos change-password protocol (kpasswd) is a password changing service. added
kshell: Registered with IANA on port 544 TCP/UDP. added
lanserver: Registered with IANA on port 637 TCP/UDP. added
LDP: Label Distribution Protocol is a protocol that works with MPLS. added
Leaf-1: The Leaf File Access Protocol is one of the first protocols to enable remote access to files. added
Leaf-2: The Leaf File Access Protocol is one of the first protocols to enable remote access to files. added
LinkedIn Upload: Uploading resumes and other data to LinkedIn. added
List Processor: Registered with IANA on port 372 TCP/UDP. added
ljk-login: Registered with IANA on port 472 TCP/UDP. added
Locus ARP: Registered with IANA as IP Protocol 91. added
Locus PC-Interface Conn Server: Registered with IANA on port 127 TCP/UDP. added
LWAPP: Lightweight Access Point Protocol, a protocol that can control multiple Wi-Fi access points. added
MacOS Server Admin: Remote administration/configuration tools for Mac OS X Server. added
Mailbox-LM: Mailbox-LM is a used by FTP Daemon. added
maitrd: Registered with IANA on port 997 TCP/UDP. added
Management Utility: Registered with IANA on port 2 TCP/UDP. added
mcns-sec: Registered with IANA on port 638 TCP/UDP. added
mdc-portmapper: Registered with IANA on port 685 TCP/UDP. added
Memcomm: Registered with IANA on port 668 TCP/UDP. added
Meregister: Registered with IANA on port 669 TCP/UDP. added
Meter: Registered with IANA on port 570 TCP/UDP. added
MFE: Registered with IANA as IP Protocol 31. added
MFTP: Multisource File Transfer Protocol, a file sharing protocol. added
micom-pfs: Registered with IANA on port 490 TCP/UDP. added
MICP: Mobile Internetworking Control Protocol. added
Micro Focus COBOL: Used by Micro Focus applications such as Enterprise Server, COBOL Server Express and more. added
Micromuse-lm: Registered with IANA on port 1534 TCP/UDP. added
Microsoft Global Catalog: A distributed data repository. added
Microsoft Rome: Registered with IANA on port 569 TCP/UDP. added
Microsoft Shuttle: Registered with IANA on port 568 TCP/UDP. added
Microsoft System Center Operations Manager: A cross-platform data center management system. added
Microsoft-DS: Microsoft-DS is a port that carries Windows file sharing and other services. added
MIT ML Device: Registered with IANA on port 83 TCP/UDP. added
MobilIP-MN: Registered with IANA on port 435 TCP/UDP. added
Mobility XE protocol: A mobile VPN. added
Mondex: Mondex is a smart card electronic cash system. The main protocol of Mondex implements electronic cash transfer, using either a device (wallet) with two slots, or an Internet connection. added
Monitor: Registered with IANA on port 561 TCP/UDP. added
MPLS: Multiprotocol Label Switching allows one to run the data link layer over the network layer. added
MPM: Message Processing Module (MPM) is part of the Internet message system. added
MPM FLAGS Protocol: Registered with IANA on port 44 TCP/UDP. added
MPTN: Multiprotocol Transport Networking, a general solution interconnected applications. added
MRM: Multicast Routing Monitor, a management diagnostic tool in Cisco products. added
MS Exchange Routing: MS Exchange Routing is Used by Microsoft Exchange servers to exchange routing information. added
MSA: Mail Submission Agent, part of a variant SMTP system. added
msg-icp: Registered with IANA on port 29 TCP/UDP. added
MTP: Media Transfer Protocol is a set of custom extensions to the Picture Transfer Protocol. added
Multiling HTTP: Registered with IANA on port 777 TCP/UDP. added
Mylex-mapd: Registered with IANA on port 467 TCP/UDP. added
NARP: NBMA Address Resolution Protocol. added
NBP: AppleTalk Name Binding. added
nCube License Manager: A parallel computing protocol. added
NDMP: Network Data Management Protocol. added
Nest Protocol: Novell protocol that defines a systems architecture. added
NETBLT: NETwork BLock Transfer, a transport layer protocol. added
netGW: Registered with IANA on port 741 TCP/UDP. added
Netix MPP: Message Posting Protocol is a network protocol that is used for posting messages. added
Netnews: Netnews (Usenet) is a worldwide distributed Internet discussion system. It was developed from the general purpose UUCP architecture of the same name. added
Netnews Administration System: A framework to simplify the administration and usage of network news (also known as Netnews) on the Internet. added
Netop Remote Control: Remote management and support of enterprise IT infrastructure. added
netvmg-traceroute: A network diagnostic tool used by NetVMG. added
Network based Rev. Cont. Sys.: Registered with IANA on port 742 TCP/UDP. added
Network Innovations Multiplex: Registered with IANA on port 171 TCP/UDP. added
Network Printing Protocol: Registered with IANA on port 92 TCP/UDP. added
Network Security Risk Management Protocol: Registered with IANA on port 359 TCP/UDP. added
Network Systems: A collection of protocols layered atop Internet Datagram Protocol. added
Networked Media Streaming Protocol: Registered with IANA on port 537 TCP/UDP. added
New who: Registered with IANA on port 550 TCP/UDP. added
NIC Internet Hostname Server: A TCP-based host information program. added
nlogin: Registered with IANA on port 758 TCP/UDP. added
Nmap: Network Mapper, a security scanner. added
Novadigm EDM: Novadigm Enterprise Desktop Manager, a management platform for deploying enterprise applications. added
Novell Netware over IP: NetWare Over TCP/IP allows NetWare Core Protocol and Novell Directory Services to run over IP. added
NPMP Trap: Registered with IANA on port 609 TCP/UDP. added
npmp-gui: Registered with IANA on port 611 TCP/UDP. added
npmp-local: Registered with IANA on port 610 TCP/UDP. added
NQS: Network Queueing System, which allows users to submit batch jobs to queues. added
NSFNET-IGP: An interior gateway protocol developed by NSFNET. added
NSW User System FE: Registered with IANA on port 27 TCP/UDP. added
NVP: Network Voice Protocol, for transporting human speech over packetized communications networks. added
OBEX: OBject Exchange, a communications protocol for binary objects. added
OCS_CMU: Registered with IANA on port 428 TCP/UDP. added
Ohimsrv: Registered with IANA on port 506 TCP/UDP. added
Omginitialrefs: Registered with IANA on port 900 TCP/UDP. added
Omserv: Registered with IANA on port 764 TCP/UDP. added
opalis-rdv: opalis-rdv, Registered with IANA on port 536 TCP/UDP. added
openvms-sysipc: Registered with IANA on port 557 TCP/UDP. added
Operations Manager
Health Service: Health Monitoring Service is used to monitor web services installed in one or multiple sites. added
oracle: Registered with IANA on port 1527 TCP/UDP. added
Oracle coauthor: Registered with IANA on port 1529 TCP/UDP. added
Oracle Names: Distributed naming service. added
Oracle Net8 Cman: Oracle Connection Manager, an Net8 component that acts much like a router. added
Oracle Net8 CMan Admin: Oracle Net8 CMan Admin refers to general administrative commands to Oracle Connection Manager. added
Oracle TCP/IP Listener: Registered with IANA on port 1525 TCP/UDP. added
Orbix 2000 Config: Registered with IANA on port 3076 TCP/UDP. added
Orbix 2000 Locator: Used by Progree Software Corporation in their Orbix software for enterprise COBRA solutions. added
Orbix 2000 Locator over SSL: Used by Progree Software Corporation in their Orbix software for enterprise COBRA solutions. added
OSPF: Open Shortest Path First, a link state routing protocol. added
OSU Network Monitoring System: Registered with IANA on port 192 TCP/UDP. added
P10: An extension to Internet Relay Chat protocol (IRC) for server to server communications. added
Packet Radio Measurement: Registered with IANA as IP Protocol 21. added
PAPI: Process Application Programming Interface, used by Aruba Networks in their network management tools to control and manage access points. added
Parsec Gameserver: Parsec is a fast-paced non-commercial network space-shooter. added
PassGo Technologies Service: Software for web access management. added
Password Change: Services Kerberos Change Password and Set Password Protocol requests. added
PDL data streaming port: Registered with IANA on port 9100 TCP/UDP. added
Perf Analysis Workbench: Registered with IANA on port 345 TCP/UDP. added
Personal Link: Registered with IANA on port 281 TCP/UDP. added
PGM RTP: Pragmatic General Multicast Reliable Transport Protocol, a multicast protocol. added
Pharos psrserver: Registered with IANA on port 2351 TCP/UDP. added
Philips Video-Conferencing: Used by Philips Electronics in their video conferencing products. added
Phonebook: Registered with IANA on port 767 TCP/UDP. added
Photuris: A session-key management protocol. added
PIM: Protocol-Independent Multicast is a family of multicast routing protocols for IP. added
PIM-RP-DISC: Registered with IANA on port 496 TCP/UDP. added
PIPE: Private IP Encapsulation within IP is an IP-within-IP tunneling protocol. added
pirp: Public Information Retrieval Protocol is a method of publishing information. added
Pluribus Packet Core: Registered with IANA as IP Protocol 67. added
Plus Fives MUMPS: Registered with IANA on port 188 TCP/UDP. added
PNNI: Private Network-to-Network Interface is an ATM-related suite of protocols. added
POV-Ray: Persistence of Vision Raytracer (POV-Ray), a ray tracing program. added
PowerChute: A control system for uninterruptible power supplies. added
PRM Node Man: Prospero Resource Manager is a scalable resource allocation systemi. added
PRM Sys Man: The system manager manages the full set of resources that exist in a system. added
PTC Name Service: Used by Parametric Technology Corporation (PTC) in their products. added
PTP: Performance Transparency Protocol. added
PTP Event: Precision Time Protocol is a protocol used to synchronize clocks throughout a computer network. added
PTP General: Precision Time Protocol, used to synchronize clocks throughout a computer network. added
pump: Registered with IANA on port 751 TCP/UDP. added
PureNoise: Registered with IANA on port 663 TCP/UDP. added
PVP: Packet Video Protocol (PVP) is a set of extensions to the Network Voice Protocol. added
QMQP: Quick Mail Queuing Protocol, a protocol to share e-mail queues between several hosts. added
QMTP: Quick Mail Transfer Protocol, an e-mail transmission protocol. added
QNX: A commercial Unix-like real-time operating system. added
QOTD: Quote Of The Day service sends a short message without regard to the input. added
qrh: Registered with IANA on port 752 TCP/UDP. added
Queued File Transport: Registered with IANA on port 189 TCP/UDP. added
Quotad: Registered with IANA on port 762 TCP/UDP. added
Radio Control Protocol: Registered with IANA on port 469 TCP/UDP. added
Radmin: Remote Admin, a remote access solution. added
RAP: Route Access Protocol, a general protocol for distributing routing information. added
Rational Method Composer: A platform for process engineers and managers. added
RDA: Remote Database Access, a protocol standard for database access. added
REAL SQL Server: A relational database management system. added
Reliable Datagram Protocol: Reliable Datagram Protocol, a transport layer protocol. added
Remote Method Invocation Activation: Used with Java RMI. added
Remote-KIS: Registered with IANA on port 185 TCP/UDP. added
RemoteFS: RemoteFS is a network file system designed for use with home NAS. added
repcmd: Repcmd is a protocol used by the SupportSoft. added
repscmd: Repscmd is a protocol used by SupportSoft. added
Retrospect: A family of backup software applications. added
RLZ Dbase: Registered with IANA on port 635 TCP/UDP. added
RMCP: Remote Mail Checking Protocol, a mail checking service. added
rmiregistry: rmiregistry is a command that creates and starts a remote object registry on the current host. added
Rmonitor: A protocol used by remote network monitoring devices. added
rmtis: Remote MT Protocol, used during manipulation of magnetic tape drives. added
RRH: Reverse Routing Header, used to learn a path back hop-by-hop. added
RSH-SPX: RSH-SPX is an implementation of RSH (Remote Shell) over an IPX/SPX network. added
RSVP: Resource Reservation Protocol, a transport layer protocol. added
RSVP Tunnel: A transport layer protocol designed to reserve resources across a network. added
RSVP-E2E-IGNORE: A Protocol used in Aggregation of RSVP for IPv4 and IPv6 Reservations. added
rtip: Registered with IANA on port 771 TCP/UDP. added
RUSHD: The Rush render queue allows users to manage image rendering jobs. added
Russell Info Sci Calendar Manager: Registered with IANA on port 748 TCP/UDP. added
RVD: Remote Virtual Disk protocol is a remote disk reading device driver. added
rxe: Registered with IANA on port 761 TCP/UDP. added
SAFT: Simple Asynchronous File Transfer, used by sendfile software. added
SANity: SANity, Registered with IANA on port 643 TCP/UDP. added
SAP: SAP offers various software applications and solutions for businesses. added
SATNET: Registered with IANA as IP Protocol 76. added
SATNET and Backroom EXPAK: Registered with IANA as IP Protocol 64. added
SATNET Monitoring: A protocol used for the monitoring and control of multiple-access satellite networks. added
SCC Security: Registered with IANA on port 582 TCP/UDP. added
Schedule Transfer Protocol: Scheduled Transfer Protocol is a new ANSI specifed connection-oriented data transfer protocol. added
SCO Desktop Administration Server: Registered with IANA on port 617 TCP/UDP. added
SCO System Administration Server: Registered with IANA on port 616 TCP/UDP. added
SCO Web Server Manager 3: Registered with IANA on port 598 TCP/UDP. added
SCO WebServer Manager: Registered with IANA on port 620 TCP/UDP. added
scohelp: Registered with IANA on port 457 TCP/UDP. added
SCPS: Space Communications Protocol Specifications, a set of extensions to existing protocols to improve performance in space environments. added
scx-proxy: Registered with IANA on port 470 TCP/UDP. added
SDNS-KMP: Secure Data Network System Key Management Protocol, a key management protocol for SDNS. added
SDRP: Source Demand Routing Protocol calculates routes by source. added
Secure IRC: Registered with IANA on port 994 TCP/UDP. added
Semaphore Sec Pro: Registered with IANA as IP Protocol 96. added
SEND: SEcure Neighbor Discovery, a security extension of the Neighbor Discovery Protocol in IPv6. added
SET: Secure Electronic Transaction was a standard protocol for securing credit card transactions over insecure networks. added
sFlow: sFlow is a technology for monitoring network, wireless, and host devices. added
SFS config server: Cray Shared File System config server. added
Siam: Registered with IANA on port 498 TCP/UDP. added
SIFT: Sender-Initiated File Transfer (SIFT) protocol added
SILC: Secure Internet Live Conferencing, a protocol that provides IRC-like services. added
Sirius Systems: Software for business needs. added
Sitara Dir: The Sitara Network Protocol (SNP) directory server. added
Sitara Management: The Sitara Network Protocol (SNP) manager. added
Sitara Server: The Sitara Network Protocol server. added
SKIP: Simple Key-Management for Internet Protocol is for the sharing of encryption keys. added
Skronk: Registered with IANA on port 460 TCP/UDP. added
SM: Registered with IANA as IP Protocol 122. added
smartsdp: Registered with IANA on port 426 TCP/UDP. added
SMID: Secure management and installation discovery, registered on ports 3211,3502,3871 TCP/UDP. added
SMP: Simple Message Protocol is reliable thread-to-thread communications medium. added
smpnameres: Registered with IANA on port 901 TCP/UDP. added
smsd: The smsd server is responsible for gathering system management data from the host and presenting that information to the SysMan Station client. added
SMUX: SNMP multiplexing defines communications between the SNMP Agent and other processes. added
SNARE: System iNtrusion Analysis and Reporting Environment, used to collect audit log data from a variety of operating systems. added
SNNTP: Secure Network News Transfer Protocol is NNTP over TLS. added
SNP: Sitara Network Protocol, a network control protocol. added
SNTP-HEARTBEAT: Simple Network Time Protocol Heartbeat is used to provide a multicast heartbeat in a network. added
Softros LAN Messenger: Instant messaging program for user-to-user or user-to-group message and file exchange. added
Sonar: Sonar is a network mirror service. added
SPMP: Registered with IANA on port 656 TCP/UDP. added
Sprite RPC: RPC for the Sprite operating system. added
SPS: Secure Packet Shield, an early competitor of IPSEC. added
spsc: Registered with IANA on port 478 TCP/UDP. added
SRP: SpectraLink Radio Protocol is a proprietary wireless protocol. added
SRVFP: Swift Remote Virtual File Protocol. added
srvloc: Service Location Protocol is a service discovery protocol. added
ss7ns: Registered with IANA on port 477 TCP/UDP. added
SSCOPMCE: Service Specific Connection Oriented Protocol in a Multilink and Connectionless Environment. added
SST: SCSI on Scheduled Transfer (ST) standard (SST), a method of encapsulating SCSI packets inside ST Protocol. added
ST: Internet Stream Protocol (ST or ST2) is a QoS protocol. added
STMF: Registered with IANA on port 501 TCP/UDP. added
Stock IXChange: Registered with IANA on port 527 TCP/UDP. added
streettalk: Registered with IANA on port 566 TCP/UDP. added
STUN over TLS: Session Traversal Utilities for NAT using TLS encryption. added
Submit Protocol: Registered with IANA on port 773 TCP. added
SUBNTBCST_TFTP: Registered with IANA on port 247 TCP/UDP. added
Sun IPC server: Client-server communication program that listens for connections from local-domain clients. added
SUN NDP: Registered with IANA as IP Protocol 77. added
SUNDR: Network file system designed to store data securely on untrusted servers. added
SURF: Speeded Up Robust Feature (SURF) is a local feature detector. added
Survey Measurement: Registered with IANA on port 243 TCP/UDP. added
Swipe: An experimental IP security protocol. added
Synergy: Lets users a mouse and keyboard between multiple computers. added
SynOptics SNMP Relay: Registered with IANA on port 391 TCP/UDP. added
SynOptics Trap: Registered with IANA on port 412 UDP. added
TCF: Target Communication Framework is a network protocol used mainly for embedded systems. added
TDP: Tag Distribution Protocol, used to communicate tag binding information to their peers. added
TeamSound: Voice conferencing software for online game players. added
Technical Analysis Software: A professional electronic trading platform for financial market traders. added
Teedtap: Registered with IANA on port 559 TCP/UDP. added
tell: Registered with IANA on port 754 TCP/UDP. added
TenFold: Registered with IANA on port 658 TCP/UDP. added
TESLA: Registered with IANA on port 7631 TCP. added
TIA/EIA/IS-99 modem client: A data services option standard for wideband spread spectrum digital cellular systems. added
TIA/EIA/IS-99 modem server: A data services option standard for wideband spread spectrum digital cellular systems. added
time: Linux system call that changes the access and modification times of an inode. added
Timeserver: Reads the actual time from a reference clock and distributes this information to its clients using a computer network. added
tinc: A Virtual Private Network (VPN) daemon. added
TNS CML: Registered with IANA on port 590 TCP/UDP. added
Tobit David Replica: Enable a replication of the contents of any archives that are stored on different David Servers. added
Tomatopang: Korean Peer to Peer file-sharing application. added
TP++: Transport Protocol++. Registered with IANA as IP Protocol 39. added
TP4: Transport Protocol Class 4 (TP4), an ISO-specified transport protocol. added
TPCP: Third Party Connect Protocol. added
TPIP: Registered with IANA on port 594 TCP/UDP. added
Transport Independent Convergence: Registered with IANA on port 493 TCP/UDP. added
trin00: A set of computer programs to conduct a DDoS attack. added
Trunk-1: Registered with IANA as IP Protocol 23. added
Trunk-2 Protocol: Registered with IANA as IP Protocol 24. added
TTP: Registered with IANA as IP Protocol 84. added
Ulpnet: Registered with IANA on port 483 TCP/UDP. added
User Location Protocol: Interface between a user location client and a user location server. added
UTI: Registered with IANA as IP Protocol 120. added
UTMPCD: Registered with IANA on port 431 TCP/UDP. added
utmpsd: Registered with IANA on port 430 TCP/UDP. added
uuidgen: A program that generates a unique UUID for each system. added
VACDSM-APP: Registered with IANA on port 671 TCP/UDP. added
VACDSM-SWS: Registered with IANA on port 670 TCP/UDP. added
VATP: Velazquez Application Transfer Protocol. added
vemmi: VEMMI is an international standard defining user interface and client/server protocol for on-line multimedia interactive services. added
Vid: Logitech Vid is a Video-over-IP service based on SightSpeed. added
Videotex: Videotex was one of the earliest implementations of an end-user information system. added
Virtual Presence Protocol: Exchange of document based virtual presence information. added
VMTP: Versatile Message Transaction Protocol is a transport protocol for RPC. added
VMware Fault Domain Manager: High availability / fault tolerance protocol for VMware. added
vnas: Registered with IANA on port 577 TCP/UDP. added
VPPS-Via: Registered with IANA on port 676 TCP/UDP. added
VRRP: Virtual Router Redundancy Protocol is a network protocol. added
vsinet: Registered with IANA on port 996 TCP/UDP. added
VVPS-Qua: Registered with IANA on port 672 TCP/UDP. added
Wang Span: Registered with IANA as IP Protocol 74. added
WAP connectionless session service: An open standard for maintaining high level WSD session. added
WAP Push: A message which includes a link to a Wireless Application Protocol address. added
WAP Push OTA-HTTP port: Used for asynchronous communication between a PPG (Push Proxy Gateway) and a WAP client, utilizing HTTP services. added
WAP Push OTA-HTTP secure: Allows WAP content to be pushed to the mobile handset with minimum user intervention. added
WAP Push Secure: WAP Push Secure is the secured version of WAP Push. added
WAP secure connectionless session service: Registered with IANA on port 9202 TCP/UDP. added
WAP Session Service: A component of Wireless Transaction Protocol (WTP). added
WAP Session Service Secure: A component of Wireless Transaction Protocol (WTP). added
WAP vCal: Registered with IANA on port 9205 TCP/UDP. added
WAP vCal Secure: Registered with IANA on port 9207 TCP/UDP. added
WAP vCard: Internet Mail Consortium electronic business card. added
WAP vCard Secure: Registered with IANA on port 9206 TCP/UDP. added
WebEx: Cisco's online meeting and web conferencing application. added
WebEx Media: Media sharing over WebEx. added
whoami: Registered with IANA on port 565 TCP/UDP. added
Wideband EXPAK: Registered with IANA as IP Protocol 79. added
Wideband Monitoring: Registered with IANA as IP Protocol 78. added
WLCCP: Wireless LAN Context Control Protocol (WLCCP) is used by Cisco wireless devices to maintain Wireless Domain Services (WDS). added
World Fusion: Registered with IANA on port 2595 TCP/UDP. added
wpgs: Registered with IANA on port 780 TCP/UDP. added
X Display Manager: Allows the starting of a session on an X server. added
xact-backup: Registered with IANA on port 911 TCP/UDP. added
XTP: Xpress Transport Protocol, a transport layer protocol. added
xvttp: Registered with IANA on port 508 TCP/UDP. added
Yahoo Flash: Flash content from Yahoo!. added
Zynga Slingo: Zynga slots/bingo game for facebook. removed
FireSIGHT Detector Updates (5.x):
EIGRP: Enhanced Interior Gateway Routing Protocol is a Cisco interior gateway protocol. added
WebEx Media: Media sharing over WebEx. added
Snapchat: Online photo sharing. added
Teredo: Technology to support ipv6 connectivity for ipv4 internet. added
WSDL Event Receiver: A part of Web Services Description Language which receives the events. added
DeNA websites: Traffic generated by browsing DeNA Comm website and some other sites that belong to DeNA added
Google Helpouts: A social networking and instant messaging system for expert advice on various topics. added
Google Hangouts: Google cross-platform messenger application. added
Sina Video: Video streaming from Chinese news/social website Sina added
SOAP: Video streaming from Chinese news/social website Sina added
OSPF: Open Shortest Path First, a link state routing protocol. added
Web Services for Devices: WSD is a Microsoft API to simplify programming connections to web service enabled devices. WSDAPI uses WS-Discovery for device discovery. added
Web Services for Devices Secured: Secured channel for WSDAPI, a Microsoft API to simplify programming connections to web service enabled devices. added
WSDD: Web Service Dynamic Discovery, a discovery protocol that allows a host machine to find web services on the local network. added
JonDo: Anonymous surfing proxy and traffic generated by it. added
WebEx Sharing: WebEx desktop sharing and file transfer. added
DeNA Comm: Mobile app for Voice and text chat. added
Teredo: Technology to support ipv6 connectivity for ipv4 internet. removed
OSPF: Open Shortest Path First routing widely used IGP protocol based on link-state algorithm. removed
EIGRP: Enhanced Interior Gateway Routing Protocol to automate routing process for network traffic. removed
For a complete list of new and modified information use this link.
For Assistance:
Visit the Sourcefire Support Site at https://support.sourcefire.com/.
Email Sourcefire Support at support@sourcefire.com.
Call Sourcefire Support at 410.423.1901 or 1.800.917.4134.
About the VRT:
The Sourcefire VRT is a group of renowned security experts working to proactively discover, assess, and respond to the latest trends in hacking activities, intrusion attempts, and vulnerabilities.
About Sourcefire:
Focused on its mission to be the leader in intelligent cybersecurity solutions, Sourcefire is transforming the way Global 2000 organizations and government agencies manage and minimize network security risks. With solutions from the network to the endpoint, Sourcefire provides customers with Agile Security that is as dynamic as the real world it protects and the attackers against which it defends.