Huawei BGP Authentication Failures

Rule Info

Name
Huawei BGP Authentication Failures
Author
Tim Brown
Description
Detects BGP failures which may be indicative of brute force attacks to manipulate routing.
Reference
https://www.blackhat.com/presentations/bh-usa-03/bh-us-03-convery-franz-v3.pdf
Date
2023-01-09 00:00:00
Modified
2023-01-23 00:00:00
Id
a557ffe6-ac54-43d2-ae69-158027082350
Tags
attack.initial-access attack.persistence attack.privilege-escalation attack.defense-evasion attack.credential-access attack.collection attack.t1078 attack.t1110 attack.t1557
Type
Community Rule
Link to Public Repo
https://github.com/SigmaHQ/sigma/search?q=a557ffe6-ac54-43d2-ae69-158027082350

Rule History

Author
Title
Date
Commit
Nasreddine Bencherchali
Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
2024-08-12
598d29f81
github-actions[bot]
Merge PR #4611 from @nasbench - Promote Older Rules Status From `experimental` To `test`
2023-12-01
ae960f088
Nick Moore
Change rules using all of required-lists to |all
2023-01-23
0312c481d
Tim Brown
feat: add rules for BGP and LDP authentication failures
2023-01-12
4b52acd2f
THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022