[Emerging-Sigs] SSH negation on 2018378

James Lay jlay at slave-tothe-box.net
Mon Apr 13 07:05:52 HDT 2020


I'd considered that...but the rate I get this is not uncommon.  Guess I
can just do it locally ☺  Thanks Joel!

On Mon, 2020-04-13 at 15:50 +0000, Joel Esler (jesler) wrote:
> What if SSL is running over port 22?
> 
> > On Apr 13, 2020, at 11:35 AM, James Lay <jlay at slave-tothe-box.net>
> > wrote:
> > 
> > 
> > Any chance we can get a negation on this?  I've seen this a few
> > times:
> > 
> > 04/10-22:17:46.964152  [**] [1:2018378:5] ET EXPLOIT Possible
> > OpenSSL HeartBleed Large HeartBeat Response (Server Init Vuln
> > Client) [**] [Classification: Potentially Bad Traffic] [Priority:
> > 2] {TCP} x.x.x.x:61812 -> x.x.x.x:22
> > 
> > Thank you!
> > 
> > 
> > James
> > _______________________________________________
> > Emerging-sigs mailing list
> > Emerging-sigs at lists.emergingthreats.net
> > https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
> > 
> > Support Emerging Threats! Subscribe to Emerging Threats Pro 
> > http://www.emergingthreats.net
> > 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20200413/075576ba/attachment-0001.html>


More information about the Emerging-sigs mailing list