.N NetProwler_SU19 #Policy Name
.L 2 #Policy structure
.D Detects NetProwler SNMP traps for NP signatures found in SU 19 #Policy Description
.V 1028918880 #Policy revision number
.Z 20000 #Policy ID
.R FTP_NetTerm_BO #Rule Definition
..D Detects potentially unauthorized attempts to overflow a buffer in NetTerm FTP Daemon and execute commands with the permissions of the system administrator. #Rule Description
..Z 20001 #Rule ID
..V 90 #Rule Value
..S #Select Clause(s)
...G System Message #System Message
....T *NetProwler*FTP_NetTerm_BO* #Regular text
....Z 20002 #ID of the clause
..A #Action Clause(s)
...E Record to Event Viewer #Record Event
....Z 20003 #ID of the clause
.R HTTP_CGI_EZShopper_CmdExecution #Rule Definition
..D Detects potentially unauthorized attempts to execute commands with the permissions of the EZShopper script owner. #Rule Description
..Z 20004 #Rule ID
..V 90 #Rule Value
..S #Select Clause(s)
...G System Message #System Message
....T *NetProwler*HTTP_CGI_EZShopper_CmdExecution* #Regular text
....Z 20005 #ID of the clause
..A #Action Clause(s)
...E Record to Event Viewer #Record Event
....Z 20006 #ID of the clause
.R HTTP_CGI_EZShopper_FileRead #Rule Definition
..D Detects potentially unauthorized attempts to read protected files on the server hosting the EZShopper script. #Rule Description
..Z 20007 #Rule ID
..V 90 #Rule Value
..S #Select Clause(s)
...G System Message #System Message
....T *NetProwler*HTTP_CGI_EZShopper_FileRead* #Regular text
....Z 20008 #ID of the clause
..A #Action Clause(s)
...E Record to Event Viewer #Record Event
....Z 20009 #ID of the clause
.R HTTP_CGI_QuikStore_Request #Rule Definition
..D Detects potentially unauthorized attempts to read the quikstore configuration file. #Rule Description
..Z 20010 #Rule ID
..V 90 #Rule Value
..S #Select Clause(s)
...G System Message #System Message
....T *NetProwler*HTTP_CGI_QuikStore_Request* #Regular text
....Z 20011 #ID of the clause
..A #Action Clause(s)
...E Record to Event Viewer #Record Event
....Z 20012 #ID of the clause
.R HTTP_CGI_SGI_Webdist_Request #Rule Definition
..D Detects potentially unauthorized attempts to execute commands with the permission of the http daemon. #Rule Description
..Z 20013 #Rule ID
..V 90 #Rule Value
..S #Select Clause(s)
...G System Message #System Message
....T *NetProwler*HTTP_CGI_SGI_Webdist_Request* #Regular text
....Z 20014 #ID of the clause
..A #Action Clause(s)
...E Record to Event Viewer #Record Event
....Z 20015 #ID of the clause
.R HTTP_CGI_SoftCart_FileRequest #Rule Definition
..D Detects potentially unauthorized attempts to read softcart log files. #Rule Description
..Z 20016 #Rule ID
..V 90 #Rule Value
..S #Select Clause(s)
...G System Message #System Message
....T *NetProwler*HTTP_CGI_SoftCart_FileRequest* #Regular text
....Z 20017 #ID of the clause
..A #Action Clause(s)
...E Record to Event Viewer #Record Event
....Z 20018 #ID of the clause
.R HTTP_Cisco_IOS_DoS #Rule Definition
..D Detects attempts to deny routing service by overflowing an IOS buffer. #Rule Description
..Z 20019 #Rule ID
..V 90 #Rule Value
..S #Select Clause(s)
...G System Message #System Message
....T *NetProwler*HTTP_Cisco_IOS_DoS* #Regular text
....Z 20020 #ID of the clause
..A #Action Clause(s)
...E Record to Event Viewer #Record Event
....Z 20021 #ID of the clause
.R HTTP_MS_IIS_ISAPI_Filter_DoS #Rule Definition
..D Detects attempts to deny IIS web service by overflowing an ISAPI filter buffer. #Rule Description
..Z 20022 #Rule ID
..V 90 #Rule Value
..S #Select Clause(s)
...G System Message #System Message
....T *NetProwler*HTTP_MS_IIS_ISAPI_Filter_DoS* #Regular text
....Z 20023 #ID of the clause
..A #Action Clause(s)
...E Record to Event Viewer #Record Event
....Z 20024 #ID of the clause
.R HTTP_MS_IIS_RAD_BO #Rule Definition
..D Detects potentially unauthorized attempts to execute commands on an IIS server with Remote Application Deployment server extension, using the permissions of the system administrator. #Rule Description
..Z 20025 #Rule ID
..V 90 #Rule Value
..S #Select Clause(s)
...G System Message #System Message
....T *NetProwler*HTTP_MS_IIS_RAD_BO* #Regular text
....Z 20026 #ID of the clause
..A #Action Clause(s)
...E Record to Event Viewer #Record Event
....Z 20027 #ID of the clause