Strange connections to port 42935

[Ken Gilmour <ken.gilmour () gmail com>]

Hi,

I am seeing millions of connections to random IP addresses on several
of my networks originating from port 53 trying to connect to port
42935. The machines which are trying to connect from port 53 are not
listening on that port and are therefore likely not DNS servers, just
machines trying to spoof (and the requests are definitely not
originating from my network).

It would initially appear to be a Distributed UDP flood, however the
amount of traffic is insignificant so i wouldn't put it in the DDoS
class since it is not having any effect... I am just wondering if
there is something new out there trying out some new exploit on this
port?

Regards,

Ken

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Find the source of cybercrime! Almost every crime today involves a computer or mobile device. Learn how to become a 
Computer Forensics Examiner in InfoSec Institute's hands-on Computer Forensics Course. Up to three industry recognized 
certs available, online computer forensics training available.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------