Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2017-03-03 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

BitTorrent or Something Else?

Published: 2017-03-03
Last Updated: 2017-03-03 04:51:04 UTC
by Lorna Hutcheson (Version: 1)
1 comment(s)

I was looking at a curious uptick in traffic to TCP port 6881.    What caught my eye was that it was a immediate uptick from almost nothing and it has been sustained over a couple of weeks. Also, the number of sources has risen significantly compared to the past year.  Here's what it looks like now:

Here's what it looked like over the past year.  Notice the number of sources/day, especially for the time frame above :

If anyone has any packets or ideas, please send them in! 

 

 

1 comment(s)
ISC Stormcast For Friday, March 3rd 2017 https://isc.sans.edu/podcastdetail.html?id=5399
Diary Archives