Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2010-02-21 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

TCP Port 12174 Request For Packets

Published: 2010-02-21
Last Updated: 2010-02-21 16:53:56 UTC
by Tony Carothers (Version: 1)
0 comment(s)

On a very slow day, I have had a chance to catch up on some of the trends over the past few months, and something interesting caught my eye: A severe upshot in port 12174 traffic over the past 48 hours has appeared on the radar.  I know  TCP Port 12174 has appeared a few times in the past; I am checking to see if this is an old dog, or an old dog with new tricks.  If anybody has any packet captures for this port please submit them via the Contacts page.

Thanx,

Tony Carothers

tony d0t carothers at isc,sans,org

Keywords: 12174
0 comment(s)

Looking for "more useful" malware information? Help develop the format.

Published: 2010-02-21
Last Updated: 2010-02-21 12:27:14 UTC
by Patrick Nolan (Version: 1)
0 comment(s)

The "Introduction to MAEC White Paper" (Malware Attribute Enumeration and Characterization) has been released.

The paper describes the continuing development of "a standardized language for encoding and communicating high-fidelity information about malware based upon attributes such as behaviors, artifacts, and attack patterns". The paper includes "discussion of our Conficker characterization and problems/issues we face in the development of MAEC that may be of interest".

If you're interested in participating, even occasionally via list participation, it's appreciated . Contact information is at the MAEC Working Group site.

Malware Attribute Enumeration and Characterization (MAECâ„¢)

0 comment(s)
Diary Archives