alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags:S,12; threshold: type threshold, track by_src, count 5, seconds 120; reference:url,en.wikipedia.org/wiki/Brute_force_attack; reference:url,doc.emergingthreats.net/2003068; classtype:attempted-recon; sid:2003068; rev:6;)

Added 2011-10-12 19:12:48 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags:S,12; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; reference:url,doc.emergingthreats.net/2003068; sid:2003068; rev:6;)

Added 2011-09-14 22:25:46 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags:S,12; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; reference:url,doc.emergingthreats.net/2003068; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_SSH_Brute_Force; sid:2003068; rev:6;)

Added 2011-02-04 17:22:14 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags:S,12; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; reference:url,doc.emergingthreats.net/2003068; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_SSH_Brute_Force; sid:2003068; rev:6;)

Added 2010-06-28 22:47:02 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags:S,12; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; reference:url,doc.emergingthreats.net/2003068; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_SSH_Brute_Force; sid:2003068; rev:6;)

Added 2010-06-28 22:47:02 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags:S,12; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; reference:url,doc.emergingthreats.net/2003068; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_SSH_Brute_Force; sid: 2003068; rev:6;)

Added 2009-02-12 18:21:19 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags:S,12; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; reference:url,doc.emergingthreats.net/2003068; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/SCAN/SCAN_SSH_Brute_Force; sid: 2003068; rev:6;)

Added 2009-02-12 18:21:19 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags:S,12; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:5;)

Added 2009-01-06 12:45:21 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags:S,12; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:5;)

Added 2009-01-06 12:45:21 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags:S; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:4;)

Added 2008-09-19 11:36:32 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags:S; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:4;)

Added 2008-09-19 11:36:32 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:3;)

Added 2008-01-29 10:56:40 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg:"ET SCAN Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:3;)

Added 2008-01-29 10:56:40 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-29 09:47:52 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-29 05:17:10 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-29 04:04:47 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-29 03:49:24 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-27 12:56:30 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-27 10:32:58 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-27 05:35:25 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-27 05:10:01 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-27 04:39:48 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-27 03:49:19 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-27 02:40:50 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-26 23:06:01 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-25 14:28:10 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-25 01:35:32 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-25 00:52:33 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-24 23:48:43 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-24 16:04:38 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-24 14:40:12 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-24 03:17:21 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-24 02:57:53 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-23 08:46:38 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-22 23:04:59 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-22 22:47:33 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-22 12:04:47 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-21 22:06:22 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-21 00:31:26 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,en.wikipedia.org/wiki/Brute_force_attack; sid: 2003068; rev:2;)

Added 2007-08-20 10:04:44 UTC


alert tcp $HOME_NET any -> $EXTERNAL_NET 22 (msg: "BLEEDING-EDGE Potential SSH Scan OUTBOUND"; flags: S; flowbits: set,ssh.brute.attempt; threshold: type threshold, track by_src, count 5, seconds 120; classtype: attempted-recon; reference:url,www.whitedust.net/article/27/Recent%20SSH%20Brute-Force%20Attacks/; sid: 2003068; rev:1; )



Topic revision: r2 - 2007-08-20 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats