|
One of the first things I normally do when I start a shift as HOD is to look at our trends page and see if there is anything interesting going on. Today, I noted ports 8800, 1100, and 5905. And what the heck is going on with the periodic spikes on 22105? I see our friends at Arbor have posted a nice story about the port 1100 stuff and what they think that is all about, but if anyone has thoughts on any of these others and/or are able to capture some packets (something more than just SYN packets
---Jim I will be teaching next: Malware Reverse-Engineering Challenge - SANS New York City 2019 |
Jim 406 Posts ISC Handler |
| Subscribe |
Jun 7th 2008 1 decade ago |
) let us know via the Sign Up for Free or Log In to start participating in the conversation!
