Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Activity increase on Port 12345; More Phishing; Ethereal Exploit

Published: 2004-03-28
Last Updated: 2004-03-29 00:02:55 UTC
by Lorna Hutcheson (Version: 1)
0 comment(s)
Activity Increase on Port 12345

There is an increase in traffic for the targets and records for port
12345.



http://isc.incidents.org/port_details.html?port=12345



The source numbers are staying constant. If anyone has any captures of
this traffic please let us know.

More Phishing

We received an active Phishing scam to retrieve a user's ID and password
from WestPac Online Banking.
This attempt takes you to an actual Westpac site where you get a 404 Not
Found error and then a pop up
on top that asks for your information. The popup is located at:



http://deretlens.info/west/westpac.php.



The site is still active at this time. More information can also be
found at:



http://www.antiphishing.org/phishing_archive/westpac_03-26-04.htm




Ethereal Exploit Code

The exploit code against the latest Ethereal vulnerabilities has been
published. It is important to ensure that you have
upgraded to 0.10.3. For more information see:



http://isc.incidents.org/diary.html?date=2004-03-23

http://www.ethereal.com/appnotes/enpa-sa-00013.html




--------------------------------------------------

Handler on Duty: Lorna J. Hutcheson

Keywords:
0 comment(s)
Diary Archives