Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Increase in Port 6101 Activity - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Increase in Port 6101 Activity
Port 6101 Activity

It appears that we are again seeing an increase in activity being reported on port 6101.

This port is commonly used by Veritas Backup Exec. If you recall back in late December and early January a bulletin was issued by CIAC indicating that there was a potential buffer overflow vulnerability that exists in the Veritas Backup Exec service processes.

Veritas acknowledged that this was an issue and released some hotfixes back in late January.

If you have not yet applied the appropriate hotfixes - now might be a good time to do it. After all - I would rather you spend your time at home with your family this Easter weekend, not at the shop cleaning up the mess.

Deb Hale

Handler On Duty

279 Posts
ISC Handler
Mar 24th 2005

Sign Up for Free or Log In to start participating in the conversation!