SNIcat.Data.Exfiltration.Tool
Description
This indicates detection of an attempt to use SNIcat.
SNIcat is a data exfiltration tool. It performs data exfiltration via SNI (Server Name Indication), a TLS Client Hello extension.
Affected Products
All unprotected systems are vulnerable
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Monitor the traffic from the network for any suspicious activity.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-12-15 | 19.219 | Default_action:pass:drop |
2021-12-07 | 19.211 | |
2021-12-07 | 19.210 | |
2021-12-07 | 19.209 |