Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: TCP/UDP Port 1863 Activity - SANS Internet Storm Center TCP/UDP Port 1863 Activity


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Loading...
Port Information
Protocol Service Name
tcp msnp MSN Messenger Protocol
udp msnp MSN Messenger Protocol
[get complete service list]
User Comments
Submitted By Date
Comment
Doug Smith 2009-10-04 18:34:56
http://www.bekkoame.ne.jp/~s_ita/index.html lists this as associated with: W32.Mytob, Bifrose, which Symantec describes as a mass-mailing worm.
Timo Steffens 2009-10-04 18:34:27
In the last two months we noticed waves of accesses to 1863/UDP. Arbor mentions 1863 as port for C&C-servers of a small botnet. The scans (or accesses) to 1863 seem to focus on a small part of the address space (rather than cover the whole possible address space).
Add a comment
CVE Links
CVE # Description