Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Probes for Cisco Web Interface SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Probes for Cisco Web Interface
The Philippine Honeynet project is detecting an uptick in scans for Cisco web access. The tool most likely used is ciscoscanner v 0.2. See the full analysis for details, and thanks to Ryan Talabis for pointing this out to us.

Reminder: It is a good idea to disable all unused remote access options, in particular unencrypted access like HTTP. If you must have unencrypted access enabled, limit it to trusted IP addresses that access the device over a trusted network.
I will be teaching next: Intrusion Detection In-Depth - SANS Baltimore Spring 2020

Johannes

3801 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!