Spike in Activity over T.C.P. Ports 2048, 4096 and 5120

On Friday, January 01, 2010, there was a Registered rise in Activity over T.C.P. Ports 2048, 4096 and 5120, coming from the same I.P. Address Located in the United States.  These Ports are used for less popular software as none of these Ports are linked with any Known Vulnerabiltes or Common Services; NetChk Security Software uses these Ports, for example.  This suggests that the Attacker is Targeting less-popular software and/or services.  Please make sure that if any software uses these Ports, that you have all Known Patches Installed.

 

 

  

Message Edited by Floating_Red on 01-02-2010 02:48 PM
Message Edited by Floating_Red on 01-02-2010 02:48 PM