Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Port 53413 (tcp/udp) Attack Activity - SANS Internet Storm Center Port 53413 (tcp/udp) Attack Activity


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Loading...
[get complete service list]
Port Information
Protocol Service Name
Top IPs Scanning
TodayYesterday
185.244.25.246 (64)157.245.68.205 (271)
205.185.120.173 (43)157.245.72.214 (244)
74.82.47.3 (25)157.245.68.199 (231)
157.245.76.212 (23)167.71.253.81 (220)
157.245.68.199 (17)157.245.76.212 (200)
221.228.97.218 (15)157.245.77.163 (176)
74.82.47.43 (15)205.185.120.173 (116)
74.82.47.27 (14)157.230.153.191 (108)
74.82.47.11 (13)221.228.97.218 (92)
74.82.47.55 (12)206.189.155.31 (82)
Port diary mentions
URL
Surge in Exploit Attempts for Netis Router Backdoor (UDP53413)
User Comments
Submitted By Date
Comment
2016-08-01 00:23:46
The devices causing this traffic seem to be IoT devices (DVR's IPCAM's etc.), possibly part of LizzardStresser or another botnet based on it
2016-02-03 10:29:11
This appears to be an attack against netcore routers - udp port 53413. It attempts to run various busybox / shell commands.
Add a comment
CVE Links
CVE # Description