E-commerce attack imminent; Sudden increase in port scanning for SSL doesn't look good
Matt Crawford
crawdad at fnal.gov
Fri Jul 23 13:09:30 EDT 2004
> E-commerce attack imminent; Sudden increase in port scanning for SSL
> doesn't look good.
> http://www.techworld.com/security/news/index.cfm?NewsID=1975
>
> ... aka not necessarily an attack on SSL itself ... but identifying
> end-points with open SSL ports as attack targets i.e. end-points with
> open SSL ports are likely to be somewhat higher value targets than
> machines w/o SSL ports .... since the operators possibly feel they have
> something to protect.
I can't see any reasonable way to derive your conclusion from the cited
article.
"The surge began on 15 July, the day before the public disclosure
of a critical flaw in a server module called mod_ssl.
"The last time Netcraft observed similar activity was in April,
shortly before a wave of attacks on SSL servers that included the
compromise of some major e-commerce sites. Attackers used a flaw
in Microsoft's implementation of SSL to install malicious code..."
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list