unknown_msg
Description
This protocol anomaly indicates that after decoding the LDAP PDU, the message type given is not defined in the LDAP RFC (2251).
Affected Products
Any system.
Impact
Unknown Malicious LDAP packet may indicate potential attack.
Recommended Actions
This indicates detection of traffic that does not comply with the protocol standard. Monitor the traffic from that network for any suspicious activity.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |