Re: Increased connects to Port 1433
From: Travis Pugh (tdp@discombobulated.net)Date: 05/21/02
- Previous message: Johannes Ullrich: "Re: Strange scan on 1433"
- In reply to: Keith T. Morgan: "RE: Increased connects to Port 1433"
- Next in thread: Tom Pope: "RE: Increased connects to Port 1433"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Travis Pugh" <tdp@discombobulated.net> To: "Keith T. Morgan" <keith.morgan@terradon.com> Date: Tue, 21 May 2002 14:09:58 -0400
----- Original Message -----
From: "Keith T. Morgan" <keith.morgan@terradon.com>
> We've seen a moderate increase for scans on port 1433. We're up
about 200%,
> however the overall number of scans is small, so that percentage may
be a little
> misleading. While scans are up, they don't appear to be at an
alarming rate yet, at
> least on any of our systems.
I am seeing more than 200% at a medium-sized site. From April 7th to
May 20th, I recieved 17,168 individual scans stopped at the firewall.
So far on May 21, I have recieved 27,400 scans. I got 11,186 scans
yesterday.
While still a rather small number for a couple of /24s, I'm curious to
see if this thing has legs, and whether it will continue to grow
quickly. The scans initially appear to be coming from a relatively
small number of sources (roughly 45), but they have increased a good
deal from my perspective.
Cheers.
-travis
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: Johannes Ullrich: "Re: Strange scan on 1433"
- In reply to: Keith T. Morgan: "RE: Increased connects to Port 1433"
- Next in thread: Tom Pope: "RE: Increased connects to Port 1433"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
