Keith, > We're starting to see a surge in scans for tcp 443. > My guess is that someone has scripted an attack > against the mod_ssl vulnerability. SYN packets to a port don't really show much, other than, as you say, a surge in scans. Have you captured any packets that would shed some light on this issue? __________________________________________________ Do You Yahoo!? Try FREE Yahoo! Mail - the world's greatest free email! http://mail.yahoo.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Mar 11 2002 - 14:14:30 PST