Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Increase in port 2525; Ethereal released new version; New phishing attack trend - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Increase in port 2525; Ethereal released new version; New phishing attack trend
Increase in port 2525

One of our handlers, Patrick, saw a surge of port 2525 traffic. According to the port graph, there is an increase on this port for the past few days.

This port is associated with the ms-v-worlds platform. However, a google search shows that this port is also used as an alternative port for SMTP.

Many viruses are captable to propagate themselves through their own SMTP engine. As such some ISPs have closed the SMTP port (25) for outgoing connections from their customers to prevent an infected computer from propagating the virus.

If you also observe this upward trend on this port and other possible use of this port, let us know.

http://isc.sans.org/port_details.php?port=2525
Ethereal released new version

Ethereal has released a new version to address the vulnerabilities discovered. The vulnerabilities may allow a remote user to execute arbitrary code or cause denial of service conditions.

http://www.ethereal.com/news/item_20050120_01.html
New Phishing Attack Trend

Yesterday, Jason published a very useful information on handling phishing attack. Anti-Phishing Working Group has also just released its December report. The report provides phishing statistic and trend. It also reported the use of a new attack vector, using concealed malicious code on websites, to gather information without users knowledge.

http://antiphishing.org/APWG%20Phishing%20Activity%20Report%20-%20December%202004.pdf

Koon Yaw

68 Posts

Sign Up for Free or Log In to start participating in the conversation!