|
Security Incidents
mailing list archives
RE: Unusual volume: UDP:137 probes
From: Mark Forsyth <forsythm () optushome com au>
Date: Tue, 1 Oct 2002 10:55:51 +1000
On Tuesday, October 01, 2002 1:55 AM, Emeric Miszti [SMTP:emeric () uksecurityonline com] wrote:
[deletia]
Been seeing exactly the same spike with same patterns. Up from 40 odd scans on
28/9/2002 to 495 already today.
Up until 01-Oct 10:50 (Aust. EST) I've seen 349. The rate is increasing fairly quickly.
Incidents.org have picked this up at the Internet Storm Center
http://isc.incidents.org/port_details.html?port=137
No explanations or reasons been given by anyone yet.
There _may_ be an explanation here:-
https://grc.com/x/news.exe?cmd=article&group=grc.security&item=59379&utag=
I sure would like to stick a honeypot somewhere and see what happens.
Ooroo
Mark F...
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
 By Date 
By Thread
Current thread:
| 
Intro
