#alert ssh $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED LibSSH2? Based SSH Connection - Often used as a BruteForce? Tool"; flow:established,to_server; ssh.softwareversion:"libssh2_"; threshold: type limit, track by_src, count 1, seconds 30; classtype:misc-activity; sid:2018689; rev:4; metadata:created_at 2014_07_17, updated_at 2021_08_27;)

Added 2021-08-27 18:10:46 UTC


#alert ssh $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED LibSSH2? Based SSH Connection - Often used as a BruteForce? Tool"; flow:established,to_server; ssh.softwareversion:"libssh2_"; threshold: type limit, track by_src, count 1, seconds 30; classtype:misc-activity; sid:2018689; rev:3; metadata:created_at 2014_07_17, updated_at 2020_08_20;)

Added 2020-08-20 17:55:27 UTC


#alert ssh $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED LibSSH2? Based SSH Connection - Often used as a BruteForce? Tool"; flow:established,to_server; ssh.softwareversion:"libssh2_"; threshold: type limit, track by_src, count 1, seconds 30; classtype:misc-activity; sid:2018689; rev:3; metadata:created_at 2014_07_17, updated_at 2020_08_19;)

Added 2020-08-19 18:14:23 UTC


#alert ssh $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED LibSSH2? Based SSH Connection - Often used as a BruteForce? Tool"; flow:established,to_server; ssh.softwareversion:"libssh2_"; threshold: type limit, track by_src, count 1, seconds 30; classtype:misc-activity; sid:2018689; rev:3; metadata:created_at 2014_07_17, updated_at 2014_07_17;)

Added 2018-09-13 19:48:58 UTC


Added 2018-09-13 17:58:47 UTC


#alert ssh $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED LibSSH2? Based SSH Connection - Often used as a BruteForce? Tool"; flow:established,to_server; ssh.softwareversion:"libssh2_"; threshold: type limit, track by_src, count 1, seconds 30; classtype:misc-activity; sid:2018689; rev:3; metadata:created_at 2014_07_17, updated_at 2014_07_17;)

Added 2017-08-07 21:12:48 UTC


#alert ssh $EXTERNAL_NET any -> $HOME_NET any (msg:"ET DELETED LibSSH2? Based SSH Connection - Often used as a BruteForce? Tool"; flow:established,to_server; ssh.softwareversion:"libssh2_"; threshold: type limit, track by_src, count 1, seconds 30; classtype:misc-activity; sid:2018689; rev:3;)

Added 2014-09-23 17:58:31 UTC


alert ssh $EXTERNAL_NET any -> $HOME_NET any (msg:"ET SCAN LibSSH2? Based SSH Connection - Often used as a BruteForce? Tool"; flow:established,to_server; ssh.softwareversion:"libssh2-"; threshold: type limit, track by_src, count 1, seconds 30; classtype:misc-activity; sid:2018689; rev:2;)

Added 2014-07-18 09:21:23 UTC


Topic revision: r1 - 2021-08-27 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats