It seems like every time I take a handler shift lately, I'm talking about an uptick of traffic on another port and I'm not breaking that trend today. This really takes me back to the early days of the Internet Storm Center when that seemed to be the main thing we talked about. This time, the port that gotmy attention is UDP port 389. This is the normal port for the Lightweight Directory Access Protocol (LDAP) which is used a great deal by Microsoft Active Directory (AD).
References: [1] https://nvd.nist.gov/vuln/detail/CVE-2020-35518 --------------- |
Jim 423 Posts ISC Handler Jun 25th 2021 |
Thread locked Subscribe |
Jun 25th 2021 10 months ago |
Sign Up for Free or Log In to start participating in the conversation!