Category: SANS™ Internet Storm Center

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

I noticed in my logs 2 weeks ago regular probe from a subnet in the Amazone cloud only scanning for TCP/8080 capture by the iptables of my DShield sensor. The scanning started on the 15 Aug -

Our list of "Top" ssh usernames and password is pretty static. Well known defaults, like "root" and "admin" are at the top of the list. But there are always some usernames and password in the list

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Demo scripts left behind after installing applications or frameworks are an ongoing problem. After installation, removing any "demo" or "example" folders is usually best. A few days ago, Ravindu Wickramasinghe noticed that the Angular-base64-upload project is leaving behind

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

I receive a lot of spam in my catch-all mailboxes. If most of them are not interesting, some still attract my attention. Especially the one that I'll describe in this diary. The scenario is classic, an

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Wireshark release 4.4.1 fixes 2 vulnerabilities and 27 bugs. One of these bugfixes is for the missing IP address plugin on Windows, see "Wireshark 4.4's IP Address Functions". And there is a new feature in TShark:

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.