Maker tech hub — AI · 3D print · Pi · ESP32 · plus the classic tech archive.

Free ESP32 kit · Books · Network Ninja · Archive

Classic tech archive. From the original averyjparker.com tech blog — historical context; pair with modern guides where noted. Full archive · Maker projects · Network Ninja

Classic tip · Security

Malware scanning?

The SANS institute is warning of an increase in reports of malware scanning for vulnerabilities. Currently these samples of malware are undetected by current antivirus signatures. They're requesting …

Written by

Avery J. Parker

IT veteran, maker educator, and author of Network Ninja, 3D Printing Mastery, and AI Workflow Mastery. Business IT: Diversified Tech Solutions.

The SANS institute is warning of an increase in reports of malware scanning for vulnerabilities. Currently these samples of malware are undetected by current antivirus signatures. They're requesting samples of the malware for analysis. The last such surge in scanning was about a week ago when they noted a spike in scans to port 1026. It turned out that was advance recognition of the dasher worm trying to circulate.


One of the things that has helped the Dasher worm to spread is an attituted that only ports lower than 1025 are worth defending (low ports are considered to have greater system access.) It's worth noting that any ports should be firewalled if they are not specifically needed.