Signature Detail
Short Name |
SMTP:EXPLOIT:SUSPICIOUS-TO |
|---|---|
Severity |
High |
Recommended |
No |
Category |
SMTP |
Keywords |
Suspicious Mail Receiver with Randomized Address |
Release Date |
2013/04/08 |
Update Number |
2252 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMTP: Suspicious Mail Receiver with Randomized Address
This signature detects SMTP messages that contains suspicious "to" header randomized. This kind of behavior is mostly observed when someone is trying to scan and send malicious traffic against a network security device using various traffic generators.