|
There is a recent spike in TCP port 8443 http://isc.sans.org/port_details.php?port=8443. Any one have any details on what this traffic might be? Packets with payload would be great!
Update: Many readers have written in commenting on what products use this TCP port. This is a pretty sizable spike. It ispossible that there is some new exploit or scanning tool being used. That is what I am looking for evidence of. Okay we have a good handle on the products using port 8443: ePO Some web portal software Alternate ssl port Web app backend products A backup package The question still remains: what is the cause of the spike? It is legitimate traffic or malicious? |
Dan 42 Posts May 4th 2006 |
| Thread locked Subscribe |
May 4th 2006 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
