Threat Level: green Handler on Duty: Kevin Liston

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2018-07-18 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Request for Packets: Port 15454

Published: 2018-07-18
Last Updated: 2018-07-18 17:48:47 UTC
by Kevin Liston (Version: 1)
0 comment(s)

Starting 12-JUL-2018 the number of DShield participants reporting probes for port 15454 started to rise.  It popped up on the experimental trends report (https://isc.sans.edu/trends.html) yesterday.  Fellow handler Richard Porter thought it sounded like a "debugger port for an App" and after a quick jaunt to The Googles he returned with an old report that this port opens up when the Clound9 IDE is doing its thing. (Source: https://stackoverflow.com/questions/39007572/cloud9-debugger-listening-on-port-15454)

We're curious if that initial guess is correct or not.  Are you seeing this as well?  Any pattern to the source or interesting tool marks.  Or better yet: Got Packets?

If so, hits us up on the contact form: https://isc.sans.edu/contact

Keywords: 15454
0 comment(s)
ISC Stormcast For Wednesday, July 18th 2018 https://isc.sans.edu/podcastdetail.html?id=6084
Diary Archives