We do see a significant increase in 443 scans. However, there is no "current" vulnerability that would explain it.
If you see attacks against https servers, please let us know and send in packet (including any web server logs if they would show an effect of the attack)
Try to limit packet submissions to "suspect" packets that either cause suspect server behaviour or trigger an IDS.
isc.sans.org/port.htmlI will be teaching next: Intrusion Detection In-Depth - SANS Las Vegas Spring 2020
Apr 20th 2007
1 decade ago