Protocols Passing Authentication In Cleartext

Description

This search looks for cleartext protocols at risk of leaking credentials. Currently, this consists of legacy protocols such as telnet, POP3, IMAP, and non-anonymous FTP sessions. While some of these protocols can be used over SSL, they typically run on different assigned ports in those cases.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Compliance

Category

Compliance

Alert Volume

This search looks for cleartext protocols at risk of leaking credentials. Currently, this consists of legacy protocols such as telnet, POP3, IMAP, and non-anonymous FTP sessions. While some of these protocols can be used over SSL, they typically run on different assigned ports in those cases.

SPL Difficulty

None

Journey

Stage 2

Kill Chain Phases

Reconnaissance
Actions On Objectives

Data Sources

Network Communication

   Help

Protocols Passing Authentication In Cleartext Help

This search requires you to be ingesting your network traffic, and populating the Network_Traffic data model.

   Search

Open in Search