Security Incidents mailing list archives
Re: Port 1234 UDP traffic increase?
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Fri, 14 Dec 2007 13:43:22 -0500
On Dec 14, 2007 12:05 PM, Bob Holowenko <holowenko () gmail com> wrote:
Personally I do not think we have to worry about traffic from doubleclick. They were bought out by Google last spring I believe. As for traffic on port 1234 I have not seen any increase in it. I will however be setting up some packet sniffing on my network edge to see if I can get more information about what is being carried in those packet. Anyone have any wireshark caps already?
OK, I figured this one out with a little help from wireshark and the machines receiving the traffic. Apparently 1234/UDP is used for a proprietary Video Streaming application. I think what I will take away from this is that while the last time I was watching this much traffic, viruses were noisy and big. Today, the ones to worry about are DDoS (80,53, 433, 8080, etc) and quiet C&C channels. I guess the days of massive floods related to malware/viruses/worms are long gone. Once again, sorry for the noise. I will try and do some more legwork before hitting up the list :-) -JP ------------------------------------------------------------------------- This list sponsored by: SPI Dynamics ALERT: .How a Hacker Launches a SQL Injection Attack!.- White Paper It's as simple as placing additional SQL commands into a Web Form input box giving hackers complete access to all your backend systems! Firewalls and IDS will not stop such attacks because SQL Injections are NOT seen as intruders. Download this *FREE* white paper from SPI Dynamics for a complete guide to protection! https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000Cn8E --------------------------------------------------------------------------
Current thread:
- Port 1234 UDP traffic increase? Dude VanWinkle (Dec 13)
- Re: Port 1234 UDP traffic increase? crazy frog crazy frog (Dec 14)
- Re: Port 1234 UDP traffic increase? Dude VanWinkle (Dec 14)
- Message not available
- Re: Port 1234 UDP traffic increase? Dude VanWinkle (Dec 14)
- Re: Port 1234 UDP traffic increase? Steve Barnet (Dec 20)
- Re: Port 1234 UDP traffic increase? Dude VanWinkle (Dec 14)
- Re: Port 1234 UDP traffic increase? crazy frog crazy frog (Dec 14)