The Philippine Honeynet project is detecting an uptick in scans for Cisco web access. The tool most likely used is ciscoscanner v 0.2. See the full analysis for details, and thanks to Ryan Talabis for pointing this out to us.
Reminder: It is a good idea to disable all unused remote access options, in particular unencrypted access like HTTP. If you must have unencrypted access enabled, limit it to trusted IP addresses that access the device over a trusted network.
I will be teaching next: Intrusion Detection In-Depth - SANS Las Vegas Spring 2020
Mar 7th 2006
1 decade ago