Thinking...
[get complete service list]
Top of page
Port Information
Protocol Service Name
tcp https HTTP protocol over TLS SSL
udp https HTTP protocol over TLS/SSL
TCP [ICS] OPC UA XML [ICS] OPC UA XML
Top IPs Scanning
Today Yesterday
45.142.193.233 (18218)102.164.101.95 (4454)
185.73.23.159 (2867)185.224.128.251 (3844)
185.224.128.251 (1581)65.109.64.218 (3813)
186.2.165.115 (1455)73.26.198.57 (3172)
153.66.23.215 (1390)31.56.204.74 (2311)
97.90.2.34 (946)185.73.23.159 (2102)
152.53.191.128 (379)45.205.1.8 (2039)
77.83.39.162 (365)153.66.23.10 (1810)
45.205.1.8 (334)172.94.9.253 (1783)
146.190.89.221 (315)152.53.191.128 (1676)
Port diary mentions
URL
LSASS exploit, SSL PCT exploits, port 559 (tcp) proxy hunter, Bagle.Z
Increased SSL Activity; Exploits for MS04-022; Mailbag
Quiet Day;TCP443; Firefox GIF image handling heap overflow exploit; MS javaprxy.dll update
port 443 https increase
[Guest Diary] Dissecting DarkGate: Modular Malware Delivery and Persistence as a Service.
[Guest Diary] Dissecting DarkGate: Modular Malware Delivery and Persistence as a Service.
Top of page
User Comments
Submitted By Date
Comment
Sunny Dhbahai 2013-03-05 13:43:50
Redis Server Port which client can run queries. Default Port Exposed to Internet Could Face Brute Force Attacks. Nmap Brute Force Script For Radis: http://nmap.org/nsedoc/scripts/redis-brute.html
Alexander Dupuy 2010-11-23 14:17:15
UDP/443 is typically Skype traffic. From http://download.skype.com/share/business/guides/skype-it-administrators-guide.pdf (p.10 section 2.1.2 Operations): "It also uses UDP 443 to test network connectivity." These network probes typically have 18 byte payloads from the client (dst port UDP/443) and 26 byte payloads from the server (src port UDP/443)
Top of page
CVE Links
CVE # Description
CVE-2014-0160 The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2014-0224 OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability.
CVE-2014-6321 Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via crafted packets, aka "Microsoft Schannel Remote Code Execution Vulnerability."
CVE-2016-8610 A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.
Top of page