Vendor: Linux

July 25, 2023

Product: Linux CentOs

| Rules | Models | MITRE TTPs | Event Types | Parsers |
|---|---|---|---|---|
| 14 | 7 | 4 | 1 | 1 |

| Use-Case | Event Types/Parsers | MITRE TTP | Content |
|---|---|---|---|
| Cryptomining | network-connection-failed<br>centos-network-connection-failed | T1496 - Resource Hijacking | 1 Rules |
| Lateral Movement | network-connection-failed<br>centos-network-connection-failed | T1071 - Application Layer Protocol<br>T1090.002 - Proxy: External Proxy<br>T1571 - Non-Standard Port | 12 Rules<br>7 Models |
| Malware | network-connection-failed<br>centos-network-connection-failed | T1071 - Application Layer Protocol | 1 Rules |
| Ransomware | network-connection-failed<br>centos-network-connection-failed | T1071 - Application Layer Protocol | 1 Rules |

ATT&CK Matrix for Enterprise

| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|
| | | | | | | | | | Non-Standard Port<br>Proxy: External Proxy<br>Application Layer Protocol<br>Proxy | | Resource Hijacking |