Handler on Duty: Johannes Ullrich
Threat Level: green
Thinking...
|
|
||||||||
| Submitted By | Date |
|---|---|
| Comment | |
| PHP | 2013-04-16 12:03:56 |
| On April 13th 2013, we saw almost a million rejected packets on 4855/udp towards an IP address we have never used. All the most active IPs where based in Iran, mostly ADSL according to a whois lookup. We had 600+ sources, 1 destination. One high port per source IP, and up to 23000 packets from the same source. This was over an 8 hour period, after which is suddenly stoped. DNS pointing to wrong destination ? But what is 4855 udp ? | |
| CVE # | Description |
|---|
© 2026 SANS™ Internet Storm Center
Developers: We have an API for you! 