An observant reader reports that he is seeing a very noticeable increase in TCP scanning for port 4899 and our dshield data confirms an uptick.  Port 4899 is the default port for the Radmin tool, which is a windows-based computer remote-control package.  According to his data, the scans are mostly originating from Spanish-speaking South American countries.  We don't have confirmation that the attackers are looking for Radmin, so if you have some packet captures please upload them and we can take a look.

Handler: Kyle Haugsness