SonicOS 7 Rules and Policies

Creating a Match Object

The following hexadecimal characters are entered as the object content of the match object representing the Vista command prompt banner:

4D6963726F736F66742057696E646F7773205B56657273696F6E20362E302E363030305D0D0A436F70797269676874202863292032303036204D6963726F73667420436F72706F726174696F6E2E

Fingerprint export and the match object definition do not really need to use hexadecimal notation here (the actual signature is ASCII text in this case). Hexadecimal is only required for binary signatures.

Similar entries are obtained in the same manner from Windows 2000 and Windows XP hosts and used to create other match objects, resulting in the three match objects shown below:

Other examples for Windows Server 2003 or any other Windows version might be easily obtained using the described method.

Linux/UNIX administrators need to customize the default environment variable to take advantage of this signature based defense, as the default prompt is typically not sufficiently specific or unique to be used as described above.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.