port 443 / https increase
We do see a significant increase in 443 scans. However, there is no "current" vulnerability that would explain it.

If you see attacks against https servers, please let us know and send in packet (including any web server logs if they would show an effect of the attack)

Try to limit packet submissions to "suspect" packets that either cause suspect server behaviour or trigger an IDS.

isc.sans.org/port.htmlI will be teaching next: Intrusion Detection In-Depth - SANS Cyber Safari 2022

Johannes

4592 Posts
ISC Handler
Apr 20th 2007

Sign Up for Free or Log In to start participating in the conversation!