security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[Rule Tuning] Mknod Process Activity (#276)

Browse Source
This commit is contained in:
Justin Ibarra
2020-09-24 16:27:16 -05:00
committed by GitHub
parent 652b2c5e44
commit 3c0d982d8f
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
rules/linux/linux_mknod_activity.toml
+2 -2
View File
@@ -2,7 +2,7 @@
creation_date = "2020/02/18"
ecs_version = ["1.6.0"]
maturity = "production"
updated_date = "2020/08/03"
updated_date = "2020/09/09"
[rule]
author = ["Elastic"]
@@ -21,7 +21,7 @@ index = ["auditbeat-*", "logs-endpoint.events.*"]
language = "kuery"
license = "Elastic License"
name = "Mknod Process Activity"
references = ["https://pen-testing.sans.org/blog/2013/05/06/netcat-without-e-no-problem"]
references = ["https://web.archive.org/web/20191218024607/https://pen-testing.sans.org/blog/2013/05/06/netcat-without-e-no-problem/"]
risk_score = 21
rule_id = "61c31c14-507f-4627-8c31-072556b89a9c"
severity = "low"