id: bluecoat-telnet-proxy-detect info: name: BlueCoat Telnet Proxy - Detect author: righettod severity: info description: | Detects Blue Coat telnet proxy services. reference: - https://en.wikipedia.org/wiki/Blue_Coat_Systems - https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/edge-swg/7-3/about-ssl-proxy.html - https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/edge-swg/7-3.html metadata: max-request: 1 verified: true tags: network,bluecoat,proxy,detect tcp: - inputs: - data: "\r\n" read: 1024 host: - "{{Hostname}}" port: 23 read-size: 4096 matchers: - type: word part: data words: - "Blue Coat telnet proxy" # digest: 490a004630440220399eadb0d76d49e997e4ee4a1b74d4febf52005a6ee99ce0a4ebe1722015fada02205db8a40c7ad217a83d8a7689da6dd13aeee373f9430b725c7cfa7adf2dc2f09d:922c64590222798bb761d5b6d8e72950