TGI HUNT Linux uname output

SID: 2610877Rev: 125 views
Sourcetgreen/hunting
CreatedOctober 20, 2025
UpdatedOctober 20, 2025
Classificationmisc-activity
alert tcp any any -> any any (msg:"TGI HUNT Linux uname output"; flow:established; content:"Linux"; content:"GNU/Linux"; distance:0; pcre:"/Linux\s[a-zA-Z0-9_-]{1,32}?\x2d(?!-)[a-z0-9-]{1,63}(?<!-)\s\d\x2e\d+\x2e\d\x2d\d+[^\s]*\s#\d.{0,32}\sSMP\s(.*?\s)?(Sun|Mon|Tue|Wed|Thu|Fri|Sat)\s(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s([0-2][0-9]|3[0-1])\s([0-1][0-9]|2[0-3]):([0-5][0-9]):([0-5][0-9])\s([A-Z]{3})\s(19[0-9]{2}|20[0-9]{2})\s(?:x86_64\s){3}GNU\/Linux/"; nocase; classtype:misc-activity; sid:2610877; rev:1;)

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!