Apps

全般

プロフィール

【返信完了】PASTE can't work properly with Trend Micro DDI » [sample]local0.txt

zoelin, 2017/09/05 17:00

 
Aug 25 15:53:37 172.30.255.179 CEF: 0|Trend Micro|Deep Discovery Inspector|3.82.1133|2184|Successful logon - RDP|2|dvc=172.30.255.179 dvcmac=C8:1F:66:C4:E7:A2 dvchost=ddi2 deviceExternalId=1896FCDAFA39-47F2AF34-AED5-5396-89DA rt=Aug 25 2017 15:53:09 GMT+08:00 app=RDP deviceDirection=1 dhost=172.30.241.3 dst=172.30.241.3 dpt=3389 dmac=00:1b:17:00:0a:1c shost=172.28.1.15 src=172.28.1.15 spt=62385 smac=00:30:88:1e:50:f9 fileType=0 fsize=0 act=not blocked cn3Label=Threat Type cn3=2 destinationTranslatedAddress=172.30.241.3 sourceTranslatedAddress=172.28.1.15 suid=admin cnt=1 cat=Authentication cs6Label=pAttackPhase cs6=Lateral Movement
(4-4/4)