Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Stuxnet Traffic Detection

Info

Synopsis

The remote host is passing RPC traffic which is requesting an RPC UUID which is synonymous with the Stuxnet trojan.

Description

The remote host is passing RPC traffic which is requesting an RPC UUID which is synonymous with the Stuxnet trojan. This may indicate that either the host is infected with Stuxnet or the host is scanning for Stuxnet-infected machines.

Solution

Ensure that the system is not infected. If it is not infected, ensure that the system is authorized to be running security scans on the network.