News

CERT Quarterly Report: Reconnaissance Activity Up

Better batten down the hatches. In its latest quarterly report, CERT finds that network reconnaissance activity is on the rise.

"Over the past several weeks, the CERT/CC [Coordination Center] has observed a significant increase in network reconnaissance activity," the Carnegie Mellon-based security organization noted in its report.

CERT attributes some of the traffic to the Sadmind/IIS worm and another worm known as the "cheese" worm.

However, CERT says its data indicates that there is also active scanning going on for known vulnerabilities in other network services and a lot of generalized port scans happening to hosts.

"In order to minimize exposure to this activity, the CERT/CC recommends that sites review and apply vendor-supplied security patches, disable non-critical network services and actively monitor system and network logs for unusual activity," the report recommends.

Reports continue to flood in at CERT of sites affected by the Sadmind/IIS worm. The number of Internet Information Server/Services sites defaced through the use of the self-propogating malicious code has run away to 6,000. CERT also says at least 500 Solaris machines have been compromised by the Sadmind/IIS worm. The worm compromises Solaris machines, which are then used to deface IIS sites.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Google Goes Live with Managed Service for Microsoft Active Directory

    Google's Managed Service for Microsoft Active Directory is now a "generally available" service, according to a Thursday Google announcement.

  • Dell Sells RSA Assets for $2 Billion

    Dell's RSA security solutions businesses, including the RSA Conference, were bought by a consortium of companies for about $2 billion, according to Tuesday announcements.

  • How To Get Started as a Windows Insider

    Microsoft's Windows Insider program is invaluable for IT pros who want to test drive new Windows 10 features before the update rolls out to their entire organization. If you haven't already signed up to be an Insider, here's how to do it.

  • Old Fashioned Mics

    Microsoft Preps for RSA Conference with Multiple Security Product Announcements

    Microsoft announced various enterprise security solution product milestones this week in advance of the forthcoming RSA Conference, which will start on Feb. 24.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.