Security Incidents mailing list archives
Re: Cisco vulnerability scanning increase
From: Joshua Hamor <jhamor () cnemedia mi8 com>
Date: Fri, 02 Sep 2005 13:38:14 -0700
morriswurm () yahoo com wrote:
We recently picked up a spike in TCP 80 scanning against one of our netblocks.Absolutely. I was wondering what it was myself. Thanks for the clue. My error log is filled with that and the awstats scanning.Looking at the payload, it appears to be a Cisco vulnerability scanner. /level/16/exec/-///pwd Numerous random source IP's across various netblocks, makes it appear to be bot related potentially. Anyone else seeing this type of activity?
Current thread:
- Cisco vulnerability scanning increase morriswurm (Sep 02)
- Re: Cisco vulnerability scanning increase Joshua Hamor (Sep 02)
- <Possible follow-ups>
- RE: Cisco vulnerability scanning increase nms (Sep 02)
- RE: Cisco vulnerability scanning increase Jose Nazario (Sep 03)
- RE: Cisco vulnerability scanning increase Smith, Brad (Sep 02)
- Re: Cisco vulnerability scanning increase NotPhunny Dude (Sep 06)