This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
About hattracker
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About hattracker
4Posts
6Likes
0Solutions
Last Visited
User
Activity
User
Profile
Latest posts by hattracker
| Subject | Views | Posted |
|---|---|---|
| 8277 | 09-09-2020 11:59 AM | |
| 11476 | 01-29-2020 06:57 AM | |
| 11542 | 01-24-2020 01:23 PM | |
| 14085 | 01-16-2020 08:47 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 01-24-2020 01:23 PM | |
| 2 Likes | 01-29-2020 06:57 AM | |
| 3 Likes | 01-16-2020 08:47 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 2 Likes |
User Badges
Community Statistics
| Member Since | 10-10-2019 12:30 PM |
| Date Last Visited | |
| Posts | 4 |
| Total Likes Received | 6 |
09-09-2020
11:59 AM
I am sorry, no I do not have any packet captures from those events. I did some digging at checked out a few machines. At that time I did not find any compromised machines. It may be a good time to look at those threats again.
... View more
01-29-2020
06:57 AM
2 Kudos
Thank you for replying. I am concerned because those addresses are not relevant to our daily business, but each machine is performing only a few sweeps a day. I am concerned at this traffic, but wondering if I am just being paranoid?
... View more
01-24-2020
01:23 PM
1 Kudo
I see 100 views but no comments. Is there additional information I can add to help refine my question?
... View more
01-16-2020
08:47 AM
3 Kudos
I am looking for assistance interpreting a report that shows “SCAN Host sweep traffic” in my threat log. There are multiple internal sources scanning multiple destination IP addresses that I do not own. The daily number of scans detected from each source is between 2 and 10. The source machine rarely scans the same destination. Is this a low level attack trying to stay under the radar or is there an explanation that does not indicate a problem on my network? I appreciate any feedback. Type: Scan Name: SCAN: Host Sweep From Zone: Inside To Zone: Outside Source address: Internal IP address owned by me Destination Address: various external addresses not owned by me. Port; 99% of the time 443. Occasionally port 80 or 22222 This screen shot show traffic during one time frame. I see various Source and Destination addresses. This screen shot is filtered by destination address. This destination address is scanned various times from different Source addresses over the course of several days.
... View more
Contact Me
Latest Tags
No tags yet
Likes From
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks