Rule:--Sid:3454--Summary:This event is generated when an attempt is made to probe forinformation on a host running Arkeia Client Backup server.--Impact:This may be reconnaissance to find version or operatingsystem information about the Arkeia Client Backup serverto later run an appropriate exploit.--Detailed Information:By default, Arkeia Client Backup servers do not require anyauthentication for informational requests.  An attacker whomay be planning to exploit a vulnerable version of the softwaremay attempt to request file or system information.--Affected Systems:	Arkeia version 5.3 and prior.--Attack Scenarios:An attacker can attempt to query an Arkeia Client Backupserver for system or file information.--Ease of Attack:Simple.  Exploits are publicly available.--False Positives:None known. If you run Arkeia Client Backup on your network,make sure that your the variable $EXTERNAL_NET is configuredto reflect IP addresses outside of your network.  Otherwise,this rule will alert on valid internal traffic.--False Negatives:None known.--Corrective Action:Upgrade to the most current non-affected version of the product.--Contributors:Sourcefire Vulnerability Research TeamJudy Novak <judy.novak@sourcefire.com>--Additional ReferencesMetasploit:http://metasploit.com/research/arkeia_agent--