let us try a rule to tell us about ssh use

alert tcp any any -> any 22 (msg:”SSH RECEIVED---Good Work  IACD!!!“;sid:70000009;rev:1;)

ssh ftpuser@192.168.100.x          (83)

Establish some rules to alert you if staff go to facebook,bbc and youtube

  • Facebook
  • LinkedIn

© The Institute of Advanced Cyber Defence 2020.