Educause Security Discussion
mailing list archives
uptick in http scanning?
From: Brian Helman <bhelman () SALEMSTATE EDU>
Date: Fri, 20 Dec 2013 14:12:33 +0000
I've noticed an uptick in the scanning of our network for http services over the last week. These scans have been
extremely basic -- sequentially looking for http only. They are different in that, once they find a web server, they
don't do anything other than move on to the next IP (unlike the usual php/cgi scans).
Anyone else noticing similar behavior? The sheer number of them is making me wonder if there's a new tool out that is
harvesting this information for later attempts at exploitation.
BTW, if your holiday has already past, I hope it was a good one. If it's yet to come, I hope it is without stress.
And everyone have a happy new year!
- uptick in http scanning? Brian Helman (Dec 20)