mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2026-04-26 22:47:49 +02:00
2.2 KiB
| Line | Classtype | Description | Priority |
|---|---|---|---|
| 1 | attempted-admin | Attempted Administrator Privilege Gain | 1 |
| 2 | attempted-dos | Attempted Denial of Service | 2 |
| 3 | attempted-recon | Attempted Information Leak | 2 |
| 4 | attempted-user | Attempted User Privilege Gain | 1 |
| 5 | bad-unknown | Potentially Bad Traffic | 2 |
| 6 | coin-mining | Crypto Currency Mining Activity Detected | 2 |
| 7 | command-and-control | Malware Command and Control Activity Detected | 1 |
| 8 | credential-theft | Successful Credential Theft Detected | 1 |
| 9 | default-login-attempt | Attempt to login by a default username and password | 2 |
| 10 | denial-of-service | Detection of a Denial of Service Attack | 2 |
| 11 | domain-c2 | Domain Observed Used for C2 Detected | 1 |
| 12 | exploit-kit | Exploit Kit Activity Detected | 1 |
| 13 | external-ip-check | Device Retrieving External IP Address Detected | 2 |
| 14 | icmp-event | Generic ICMP event | 3 |
| 15 | inappropriate-content | Inappropriate Content was Detected | 1 |
| 16 | misc-activity | Misc activity | 3 |
| 17 | misc-attack | Misc Attack | 2 |
| 18 | network-scan | Detection of a Network Scan | 3 |
| 19 | non-standard-protocol | Detection of a non-standard protocol or event | 2 |
| 20 | not-suspicious | Not Suspicious Traffic | 3 |
| 21 | policy-violation | Potential Corporate Privacy Violation | 1 |
| 22 | protocol-command-decode | Generic Protocol Command Decode | 3 |
| 23 | pup-activity | Possibly Unwanted Program Detected | 2 |
| 24 | rpc-portmap-decode | Decode of an RPC Query | 2 |
| 25 | shellcode-detect | Executable code was detected | 1 |
| 26 | social-engineering | Possible Social Engineering Attempted | 2 |
| 27 | string-detect | A suspicious string was detected | 3 |
| 28 | successful-admin | Successful Administrator Privilege Gain | 1 |
| 29 | successful-dos | Denial of Service | 2 |
| 30 | successful-recon-largescale | Large Scale Information Leak | 2 |
| 31 | successful-recon-limited | Information Leak | 2 |
| 32 | successful-user | Successful User Privilege Gain | 1 |
| 33 | suspicious-filename-detect | A suspicious filename was detected | 2 |
| 34 | suspicious-login | An attempted login using a suspicious username was detected | 2 |
| 35 | system-call-detect | A system call was detected | 2 |
| 36 | targeted-activity | Targeted Malicious Activity was Detected | 1 |
| 37 | tcp-connection | A TCP connection was detected | 4 |
| 38 | trojan-activity | A Network Trojan was detected | 1 |
| 39 | unknown | Unknown Traffic | 3 |
| 40 | unsuccessful-user | Unsuccessful User Privilege Gain | 1 |
| 41 | unusual-client-port-connection | A client was using an unusual port | 2 |
| 42 | web-application-activity | access to a potentially vulnerable web application | 2 |
| 43 | web-application-attack | Web Application Attack | 1 |