Main Nav

I've noticed an uptick in the scanning of our network for http services over the last week.  These scans have been extremely basic -- sequentially looking for http only.  They are different in that, once they find a web server, they don't do anything other than move on to the next IP (unlike the usual php/cgi scans).

Anyone else noticing similar behavior?  The sheer number of them is making me wonder if there's a new tool out that is harvesting this information for later attempts at exploitation.

BTW, if your holiday has already past, I hope it was a good one.  If it's yet to come, I hope it is without stress.  And everyone have a happy new year!

-Brian


Comments

I've noticed an uptick in the scanning of our network for http services over the last week.  These scans have been extremely basic -- sequentially looking for http only.  They are different in that, once they find a web server, they don't do anything other than move on to the next IP (unlike the usual php/cgi scans).

Anyone else noticing similar behavior?  The sheer number of them is making me wonder if there's a new tool out that is harvesting this information for later attempts at exploitation.

BTW, if your holiday has already past, I hope it was a good one.  If it's yet to come, I hope it is without stress.  And everyone have a happy new year!

-Brian