ET ATTACK_RESPONSE Possible IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval RAKP message 2 status code Unauthorized Name

7.0.35.0SID: 2017121Rev: 2Enabled5 views
Sourceet/open
Fileemerging-attack_response.rules
CreatedJuly 9, 2013
UpdatedJuly 26, 2019
Classificationprotocol-command-decode
alert udp $HOME_NET 623 -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE Possible IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval RAKP message 2 status code Unauthorized Name"; content:"|06 13|"; offset:4; depth:2; content:"|0d|"; distance:11; within:1; classtype:protocol-command-decode; sid:2017121; rev:2; metadata:created_at 2013_07_09, confidence Medium, signature_severity Minor, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)

Metadata

created at2013_07_09
confidenceMedium
signature severityMinor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!