Re: signature 5858-1, DNS Server RPC Interface Buffer Overflow
After doing a little more reading, it would appear that an authenticated attack can occur over ports 139,445. An unauthenticated attack can occur over ports >1023. So, is 5858-0 designed to provide coverage for the unauthenticated attack (I can't tell because lots of info is hidden)?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...