SANS ISC: Diaries by Keyword

Date | Author | Title
2020-10-24 | Guy Bruneau | An Alternative to Shodan, Censys with User-Agent CensysInspect/1.1
2020-02-05 | Brad Duncan | Fake browser update pages are "still a thing"
2019-11-19 | Johannes Ullrich | Cheap Chinese JAWS of DVR Exploitability on Port 60001
2019-08-01 | Johannes Ullrich | What is Listening On Port 9527/TCP?
2019-07-26 | Kevin Shortt | DVRIP Port 34567 - Uptick
2019-03-09 | Guy Bruneau | A Comparison Study of SSH Port Activity - TCP 22 & 2222
2018-12-16 | Guy Bruneau | Random Port Scan for Open RDP Backdoor
2018-01-09 | Jim Clausing | What is going on with port 3333?
2017-09-22 | Russell Eubanks | What is the State of Your Union?
2017-09-05 | Johannes Ullrich | The Mirai Botnet: A Look Back and Ahead At What's Next
2017-08-18 | Guy Bruneau | tshark 2.4 New Feature - Command Line Export Objects
2017-06-16 | Lorna Hutcheson | What is going on with Port 83?
2017-04-22 | Jim Clausing | WTF tcp port 81
2017-01-28 | Guy Bruneau | Request for Packets and Logs - TCP 5358
2017-01-10 | Johannes Ullrich | Port 37777 "MapTable" Requests
2016-05-26 | Xavier Mertens | Keeping an Eye on Tor Traffic
2016-04-25 | Guy Bruneau | Highlights from the 2016 HPE Annual Cyber Threat Report
2016-02-02 | Johannes Ullrich | Targeted IPv6 Scans Using pool.ntp.org .
2015-09-28 | Johannes Ullrich | "Transport of London" Malicious E-Mail
2015-06-27 | Guy Bruneau | Is Windows XP still around in your Network a year after Support Ended?
2015-04-08 | Tom Webb | Is it a breach or not?
2014-10-13 | Lorna Hutcheson | For or Against: Port Security for Network Access Control
2014-09-15 | Johannes Ullrich | Google DNS Server IP Address Spoofed for SNMP reflective Attacks
2014-07-05 | Guy Bruneau | Java Support ends for Windows XP
2014-06-11 | Daniel Wesemann | Help your pilot fly!
2014-05-23 | Richard Porter | Highlights from Cisco Live 2014 - The Internet of Everything
2014-03-26 | Johannes Ullrich | Let's Finally "Nail" This Port 5000 Traffic - Synology owners needed.
2014-03-13 | Daniel Wesemann | Identification and authentication are hard ... finding out intention is even harder
2014-03-06 | Mark Baggett | Port 5000 traffic and snort signature
2014-01-22 | Chris Mohan | Learning from the breaches that happens to others
2014-01-11 | Guy Bruneau | tcpflow 1.4.4 and some of its most Interesting Features
2014-01-02 | Johannes Ullrich | Scans Increase for New Linksys Backdoor (32764/TCP)
2013-11-25 | Johannes Ullrich | More Bad Port 0 Traffic
2013-11-22 | Rick Wanner | Port 0 DDOS
2013-10-30 | Russ McRee | SIR v15: Five good reasons to leave Windows XP behind
2013-05-19 | Kevin Shortt | Port 51616 - Got Packets?
2013-03-03 | Richard Porter | Uptick in MSSQL Activity
2013-01-08 | Richard Porter | Yahoo Web Interface Report: Compose and Send
2012-12-06 | Daniel Wesemann | Fake tech support calls - revisited
2012-10-03 | Kevin Shortt | Fake Support Calls Reported
2012-01-27 | Mark Hofman | CISCO Ironport C & M Series telnet vulnerability
2012-01-13 | Guy Bruneau | Sysinternals Updates - http://blogs.technet.com/b/sysinternals/archive/2012/01/13/updates-autoruns-v11-21-coreinfo-v3-03-portmon-v-3-03-process-explorer-v15-12-mark-s-blog-and-mark-at-rsa-2012.aspx
2011-11-11 | Rick Wanner | APPLE-SA-2011-11-10-2 Time Capsule and AirPort Base Station (802.11n) Firmware 7.6 update
2011-10-25 | Chris Mohan | Recurring reporting made easy?
2011-08-25 | Kevin Shortt | Increased Traffic on Port 3389
2011-06-29 | Johannes Ullrich | Random SSL Tips and Tricks
2011-06-21 | Chris Mohan | Australian government security audit report shows tough love to agencies
2011-05-23 | Mark Hofman | Microsoft Support Scam (again)
2011-04-20 | Daniel Wesemann | Data Breach Investigations Report published by Verizon
2011-01-25 | Chris Mohan | Reviewing our preconceptions
2011-01-24 | Rob VandenBrink | Where have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool
2011-01-15 | Jim Clausing | What's up with port 8881?
2011-01-08 | Guy Bruneau | PandaLabs 2010 Annual Report
2010-11-24 | Jim Clausing | Help with odd port scans
2010-08-16 | Raul Siles | The Seven Deadly Sins of Security Vulnerability Reporting
2010-07-29 | Rob VandenBrink | The 2010 Verizon Data Breach Report is Out
2010-07-06 | Rob VandenBrink | Bogus Support Organizations use Live Operators to Install Malware
2010-06-15 | Manuel Humberto Santander Pelaez | Microsoft Windows Help and Support Center vulnerability (CVE 2010-1885) exploit in the wild
2010-04-20 | Raul Siles | Are You Ready for a Transportation Collapse...?
2010-03-01 | Mark Hofman | Microsoft will drop support for Vista (without any Service Packs) on April 13 and support for XP SP2 ends July 13. (i.e. no more security updates). If you are still running these, it it time to update.
2010-02-03 | Rob VandenBrink | Support for Legacy Browsers
2010-01-09 | G. N. White | What's Up With All The Port Scanning Using TCP/6000 As A Source Port?
2009-10-28 | Johannes Ullrich | Cyber Security Awareness Month - Day 28 - ntp (123/udp)
2009-10-25 | Lorna Hutcheson | Cyber Security Awareness Month - Day 25 - Port 80 and 443
2009-10-21 | Pedro Bueno | Cyber Security Awareness Month - Day 21 - Port 135
2009-10-17 | Rick Wanner | Cyber Security Awareness Month - Day 17 - Port 22/SSH
2009-10-15 | Deborah Hale | Cyber Security Awareness Month - Day 15 - Ports 995, 465, and 993 - Secure Email
2009-10-11 | Mark Hofman | Cyber Security Awareness Month - Day 12 Ports 161/162 Simple Network Management Protocol (SNMP)
2009-10-08 | Johannes Ullrich | Cyber Security Awareness Month - Day 8 - Port 25 - SMTP
2009-05-02 | Rick Wanner | Significant increase in port 2967 traffic
2009-04-15 | Marcus Sachs | 2009 Data Breach Investigation Report
2009-01-21 | Raul Siles | Traffic increase for port UDP/8247
2008-12-16 | donald smith | Cisco's Annual Security report has been released.
2008-08-02 | Maarten Van Horenbeeck | A little of that human touch
2008-07-02 | Jim Clausing | The scoop on the spike in UDP port 7 traffic
2008-05-26 | Marcus Sachs | Port 1533 on the Rise
2008-04-27 | Marcus Sachs | What's With Port 20329?
2008-04-10 | Deborah Hale | DSLReports Being Attacked Again
2008-04-08 | Swa Frantzen | Symantec's Global Internet Security Threat Report
2006-11-29 | Toby Kohlenberg | New Vulnerability Announcement and patches from Apple
2006-09-21 | Johannes Ullrich | Apple updates Airport Drivers