We have noticed an increase in scanning activity to ports TCP/8909, TCP/6666, TCP/9415, TCP/27977 and UDP/7 and would love some packets if you have them. 

• TCP/8909 - No idea what it is a new one for me. A new one and starting to trend.
• TCP/6666 - this is probably going to be IRC, but it would be nice to confirm and see what is being scanned for.
• TCP/9415 - this used to be associated with open proxies, but again be good to get some packets to check.
• TCP/27977 - My first thought was gaming port, but that is just a guess.
• UDP/7 - echo, a blast from the past.  maybe they are looking  for misconfigured or old routers and *nix boxes.

If you have any packets to the above please submit them through the contact form or email them to handlers -at- sans.edu or directly to me markh.isc -at- gmail.com

Thanks in advance.

Mark H