Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Activity increase on Port 12345; More Phishing; Ethereal Exploit - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Activity increase on Port 12345; More Phishing; Ethereal Exploit
Activity Increase on Port 12345

There is an increase in traffic for the targets and records for port
12345.



http://isc.incidents.org/port_details.html?port=12345



The source numbers are staying constant. If anyone has any captures of
this traffic please let us know.

More Phishing

We received an active Phishing scam to retrieve a user's ID and password
from WestPac Online Banking.
This attempt takes you to an actual Westpac site where you get a 404 Not
Found error and then a pop up
on top that asks for your information. The popup is located at:



http://deretlens.info/west/westpac.php.



The site is still active at this time. More information can also be
found at:



http://www.antiphishing.org/phishing_archive/westpac_03-26-04.htm




Ethereal Exploit Code

The exploit code against the latest Ethereal vulnerabilities has been
published. It is important to ensure that you have
upgraded to 0.10.3. For more information see:



http://isc.incidents.org/diary.html?date=2004-03-23

http://www.ethereal.com/appnotes/enpa-sa-00013.html




--------------------------------------------------

Handler on Duty: Lorna J. Hutcheson

Lorna

165 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!