Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2003-10-28 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Port 554 increase, Solar flare activity continues

Published: 2003-10-28
Last Updated: 2003-10-29 02:19:20 UTC
by Handlers (Version: 1)
0 comment(s)
Port 554

Over the last few days we observe a small but significant increase in the
number of sources scanning port 554.

http://www.dshield.org/port_report.php?port=554&recax=1&tarax=1&srcax=2&days=10

This port is used by the "Real Time Stream Control Protocol" (rtsp). RTSP one of the protocols used to stream audio suing a 'Realserver' (Real Audio). Late last
year, a buffer overflow was found in Real Server, which can be triggered via invalid RTSP data: http://www.service.real.com/help/faq/security/bufferoverrun12192002.html . This flaw has been exploited widely in the past and an exploit has been available for several months.

Solar Flare Activity

Yet another large solar flare erupted earlier today. Like last weekend, the solar flare ejected a large amount of charged particles, which may interfere with communications later this week. For current space weather reports, see http://www.sel.noaa.gov/today.html .
Keywords:
0 comment(s)
Diary Archives