alert tcp $HOME_NET any -> $EXTERNAL_NET $SSH_PORT (msg:"[ScreenOS] Juniper ScreenOS Login for Suspicious Admin user - system"; content: "Admin user system has logged on via"; nocase; content "00515"; parse_src_ip: 1; reference:cve,2015-7755; reference:url,; classtype:successful-admin; sid: 5002771; rev:2;)

-- Main.Sagan-Wiki-Add - 2016-8-30

New revisions of 5002771 will be below...

Topic revision: r1 - 2016-08-30 - Sagan-Wiki-Add
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback