Threat Level: green Handler on Duty: Renato Marinho

SANS ISC: Port 8443 Spike SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Port 8443 Spike
There is a recent spike in TCP port 8443 http://isc.sans.org/port_details.php?port=8443.  Any one have any details on what this traffic might be? Packets with payload would be great!

Update:
Many readers have written in commenting on what products use this TCP port.
This is a pretty sizable spike. It ispossible that there is some new exploit or scanning tool  being used. That is what I am looking for evidence of.

Okay we have a good handle on the products using port 8443:
ePO
Some web portal software
Alternate ssl port
Web app backend products
A backup package

The question still remains: what is the cause of the spike? It is legitimate traffic or malicious?
Dan

42 Posts
May 4th 2006

Sign Up for Free or Log In to start participating in the conversation!