UTM、週報 06/16

Date: 2018/06/16 Type: weekly

TOP10 dropped services Total dropped packets: 22 101 Top Service Name Protocol Service Packets % 1 TELNET TCP 23 2 320 10.50 % 2 MICROSOFT-DS TCP 445 2 154 9.75 % 3 HTTP TCP 80 1 943 8.79 % 4 MS-SQL-S TCP 1433 583 2.64 % 5 DOMAIN UDP 53 538 2.43 % 6 HTTP-ALT TCP 8080 404 1.83 % 7 TCP 52869 331 1.50 % 8 TCP 8545 328 1.48 % 9 IRDMI TCP 8000 315 1.43 % 10 HTTPS TCP 443 288 1.30 %

・port 8000

8000 TCP UDP iRDMI (Intel Remote Desktop Management Interface)[119] sometimes erroneously used instead of port 8080 公式 8000 TCP Commonly used for Internet radio streams such as SHOUTcast 非公式 8000 TCP Splunk web-interface 非公式 8000 TCP FreemakeVideoCapture service (part of Freemake Video Downloader)[120] 非公式 8000 TCP DynamoDB Local[121] 非公式 8000 TCP Nortel Contivity Router Firewall User Authentication (FWUA) default port number 非公式 8000 TCP frePPLe - open source production planning default port number 非公式 出典　https://ja.wikipedia.org/wiki/TCP%E3%82%84UDP%E3%81%AB%E3%81%8A%E3%81%91%E3%82%8B%E3%83%9D%E3%83%BC%E3%83%88%E7%95%AA%E5%8F%B7%E3%81%AE%E4%B8%80%E8%A6%A7 ・port 8545 JSON RPC 次のサイト、使いやすそう 　https://www.speedguide.net/port.php?port=8545 示されたリンク先　↓ 　https://isc.sans.edu/port.html?port=8545 引用: [JSON-RPC / Ethereum cryptocurrency node / Satori-Mirai] - Research by Qihoo 360 showed in May 2018 that port 8545 was being abused to find exposed JSON-RPC ports which can lead to private key or personal data leakage and even theft of cryptocurrency. Sensors reported packet payloads which reveal wallet addresses by potential thieves.