Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: TCP/UDP Port Activity - SANS Internet Storm Center TCP/UDP Port Activity

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
[show ascii data]


Port Information
Protocol Service Name
tcp msnp MSN Messenger Protocol
udp msnp MSN Messenger Protocol
[get complete service list]
User Comments
Submitted By Date
Doug Smith 2009-10-04 18:34:56 lists this as associated with: W32.Mytob, Bifrose, which Symantec describes as a mass-mailing worm.
Timo Steffens 2009-10-04 18:34:27
In the last two months we noticed waves of accesses to 1863/UDP. Arbor mentions 1863 as port for C&C-servers of a small botnet. The scans (or accesses) to 1863 seem to focus on a small part of the address space (rather than cover the whole possible address space).
Add a comment
CVE Links
CVE # Description