Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Port 38566, Update to Firefox weakness, Packetfoo site launched!

Published: 2006-05-07
Last Updated: 2006-05-08 00:21:25 UTC
by Mike Poor (Version: 1)
0 comment(s)
 Lots of scanning on port 38566

http://isc.sans.org/port_details.php?port=38566

Shows a very large number of records and sources, and a small set of targets.  

Its is currently #1 in the Dshield Ports list:

http://www.dshield.org/topports.php


Update to Firefox vulnerability posted  earlier

http://secunia.com/advisories/19698/

This particular vulnerability could be exploited by a malicious web site, enabling the remote site to open and view content of local files.  This is enabled by the site tricking the user into right-clicking (alt-clicking) and choosing the "view image" on a broken image link.  The malicious site links to a file on your machine, which then exposes the file.


Packetfoo launched

Many of us have been wanting packet capture file archives for a while.  Richard Beijtlich started a project called OpenPacket.org and I startedPacketfoo.  I have talked to Richard briefly about collaborating, and Im sure we will further that as the projects grow.  Ill be setting up the charter, and putting up files as the days go by.  Any support would be  appreciated.

domo arigato gozaimas,

Mike Poor
Handler on Duty
Intelguardians
Keywords:
0 comment(s)
Diary Archives