A reader (Bill) reported that he is seeing a substantial increase of UDP port 50368 traffic getting blocked by the firewall. The traffic appears to originate from Europe, and uses numerous source ports (but many of them are "well known").
Here a quick sample of sources and source ports
No idea what's causing that. We have almost no other traffic to this port in our database. If you see any outbound traffic like that, let us know.I will be teaching next: Intrusion Detection In-Depth - SIEM Summit & Training 2019
Oct 24th 2005
1 decade ago