Malware scanning?



The SANS institute is warning of an increase in reports of malware scanning for vulnerabilities. Currently these samples of malware are undetected by current antivirus signatures. They’re requesting samples of the malware for analysis. The last such surge in scanning was about a week ago when they noted a spike in scans to port 1026. It turned out that was advance recognition of the dasher worm trying to circulate.


One of the things that has helped the Dasher worm to spread is an attituted that only ports lower than 1025 are worth defending (low ports are considered to have greater system access.) It’s worth noting that any ports should be firewalled if they are not specifically needed.

   Send article as PDF   

Similar Posts