Honeypot Abnormality
Overall, there was not much of note happening on Father's Day. Just one little tidbit to mention:
One of the handlers noticed some unusual traffic on a honeypot, but we have been unable to link it to any known tool/exploit/etc...
The traffic involved a connection tcp port 29296 with the following commands:
GET /2004/6/18/18/54/15/ HTTP/1.1
User-Agent: Mozilla/777.1 (compatible; MSIE 888.12; Windows
NT 999.1)
Host: xxx.xxx.xxx.xxx:29296
If anyone recognizes this pattern and has more information please let us know.
One of the handlers noticed some unusual traffic on a honeypot, but we have been unable to link it to any known tool/exploit/etc...
The traffic involved a connection tcp port 29296 with the following commands:
GET /2004/6/18/18/54/15/ HTTP/1.1
User-Agent: Mozilla/777.1 (compatible; MSIE 888.12; Windows
NT 999.1)
Host: xxx.xxx.xxx.xxx:29296
If anyone recognizes this pattern and has more information please let us know.
Keywords:
0 comment(s)
×
![modal content]()
Diary Archives
Comments