From d72509952b7de90582a487fe68fd548242b246d6 Mon Sep 17 00:00:00 2001
From: banditopazzo
Date: Tue, 2 Jul 2024 18:28:15 +0200
Subject: [PATCH] fix: remove wrong telnet rule
---
 rules/lateral_movement/telnet_network_activity.yaml | 7 -------
 1 file changed, 7 deletions(-)
diff --git a/rules/lateral_movement/telnet_network_activity.yaml b/rules/lateral_movement/telnet_network_activity.yaml
index fd7a2c19..f6dc3a8b 100644
--- a/rules/lateral_movement/telnet_network_activity.yaml
+++ b/rules/lateral_movement/telnet_network_activity.yaml
@@ -17,13 +17,6 @@
 description: Detects the execution of the Telnet utility. Attackers may use Telnet to establish a remote connection to a device or server.
 condition: header.image == "/usr/bin/telnet"
 
-- name: Telnet network activity - Accept
- type: Accept
- category: lateral_movement
- severity: medium
- description: Detects Telnet network activity. Attackers may use Telnet to establish a remote connection to a device or server.
- condition: header.image == "/usr/bin/telnet"
-
 - name: Telnet network activity - Connect
 type: Connect
 category: lateral_movement