Rule History

alert tcp any any -> $HOME_NET any (msg:"ET INFO SSH-2.0-Go version string Observed in Network Traffic"; flow:established,to_server; dsize:12; content:"SSH-2.0-Go|0d 0a|"; fast_pattern; threshold:type limit,track by_src,count 1,seconds 120; classtype:misc-activity; sid:2038967; rev:1; metadata:affected_product Any, attack_target Client_and_Server, created_at 2022_09_23, deployment Perimeter, deployment Internal, performance_impact Low, confidence High, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_09_23;)