diff --git a/rules/linux/auditd/lnx_auditd_network_service_scanning.yml b/rules/linux/auditd/lnx_auditd_network_service_scanning.yml
index c5b07591d..9606fc5ae 100644
--- a/rules/linux/auditd/lnx_auditd_network_service_scanning.yml
+++ b/rules/linux/auditd/lnx_auditd_network_service_scanning.yml
@@ -9,7 +9,7 @@ references:
 - https://github.com/redcanaryco/atomic-red-team/blob/f339e7da7d05f6057fdfcdd3742bfcf365fee2a9/atomics/T1046/T1046.md
 author: Alejandro Ortuno, oscd.community
 date: 2020/10/21
-modified: 2022/11/26
+modified: 2023/09/26
 tags:
 - attack.discovery
 - attack.t1046
@@ -25,6 +25,8 @@ detection:
 - '/nmap'
 - '/netcat'
 - '/nc'
+ - '/ncat'
+ - '/nc.openbsd'
 key: 'network_connect_4'
 condition: selection
 falsepositives:
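Review bot: The suffix list in the second hunk (`@@ -25,6 +25,8 @@`) gains `/nc.openbsd` but not its Debian/Ubuntu sibling `/nc.traditional`, so hosts with the netcat-traditional package installed would still go unmatched. auditd's `exe` field normally records the resolved binary rather than the symlink that was invoked, which is presumably why `/nc` alone was not enough; the same reasoning applies to the traditional variant, so I would add `- '/nc.traditional'` next to the new entries. Because the match is purely on the path suffix, a short comment above the list such as `# exe is the resolved binary path; list every packaged netcat/nmap variant` would tell maintainers why each alternative is spelled out. The selection starts above the hunk, so the field these values are matched against and the audit rule behind `key: 'network_connect_4'` should be checked against the full file.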