What's going on with these ports? Got packets?
One of the first things I normally do when I start a shift as HOD is to look at our trends page and see if there is anything interesting going on. Today, I noted ports 8800, 1100, and 5905. And what the heck is going on with the periodic spikes on 22105? I see our friends at Arbor have posted a nice story about the port 1100 stuff and what they think that is all about, but if anyone has thoughts on any of these others and/or are able to capture some packets (something more than just SYN packets ) let us know via the contact page.
---Jim
Keywords: packets
0 comment(s)
My next class:
LINUX Incident Response and Threat Hunting | Online | Japan Standard Time | Oct 21st - Oct 26th 2024 |
×
Diary Archives
Comments