 About PacketViper, LLC PacketViper, LLC develops a intelligent Geo IP Network Filter capable of filtering any country to the port level. PacketViper removes unwanted probing, fights against DDOS attacks, spam, and much more. With PacketViper on the front lines, security environments become less congested, and more effective. About PacketViper: PacketViper has ripped out the pages of complex geo location filtering, and inserted their own proving Geo IP filtering can be simple, and will improve the network security layer. PacketViper's new thinking of bi-directional per port filtering performed at the gateway eliminates unwanted network traffic before entering the security environment, proving to lessen the impact of DDOS, spam, port probing, breaches, scanning, and reducing bandwidth usage. Scampering many preconception that geo location filtering is not effective in a security layer. PacketViper has also ripped away and silenced any preconceived notions that when geo location (country blocking) filtering is enabled, it causes more problems than its worth. PacketViper comes as a never expiring free starter edition which can be download and tested without any investment needed. Viper Network Systems has put their money where their mouth is, and has put it in the hands of the customer, to prove definitively PacketViper is the real deal in Geo IP Filtering. | PacketViperPacketViper, a Point and Click Geo-IP Network Filter, can filter countries or companies by port, bi-directionally. PacketViper can be installed by moving two network cables, and no fuss. A complement to all network security environments. GNL UPDATE GRIZZLY STEPPE is a name that has been given by the US Government to a particular strain of malicious cyber activity originating from Russian civilian and military Intelligence Services (RIS). Our Global Sensor High Risk list will now include GRIZZLY STEPPE indicated IP addresses. To enable blocking, just go to your Global Network Lists under Traffic Control and Enable Blocking in Both directions for the Global Sensor High Risk GNL. Avail: 1/10/17
Posted 493 weeks ago
PORT ALERT HIGH SCAN VOLUME OF TCP 23: Ongoing intensity of scans on TCP 23, many originating from high risk countries as well as known offenders. Port is associated with the Telnet service, one of the oldest Internet protocols and the most popular program for remote access to Unix machines with many known vulnerabilities. Create a Custom Rule blocking inbound TCP 23 or, if you don’t already have one, create a Grouping named HIGH RISK PORT GROUP and add 23/tcp to your HIGH RISK PORT GROUP. If your organization makes use of this port, create strict PASS Custom Rules for those networks you wish to have access.
Posted 493 weeks ago
PORT ALERT HIGH VOLUME OF SCANS ORIGINATING FROM TCP 6000: Ongoing uptick in scans and attacks originating from TCP 6000, many from high risk countries, particularly China, Taiwan, and the Republic of Korea (South Korea). Scans from 6000/tcp have been seen in attacks on tcp ports 3389 ms-wbt-server, 3306 mysql, 1433 ms-sql, 1080 socks, 22 ssh, and others. Create three custom rules blocking inbound source port TCP 6000 originating from China, Taiwan, and the Republic of Korea one rule for each country.
Posted 494 weeks ago
PORT ALERT HIGH SCAN VOLUME OF TCP 23231: Ongoing intensity of scans on TCP 23231, many originating from high risk countries as well as known offenders. There are no known vulnerabilities in the common services on this port. However, administrators may use this port to listen for telnet connections as an alternative to port 23/tcp adding a layer of obscurity to your defensive position. It seems like the bad guys have caught on. Create a Custom Rule blocking inbound TCP 23231 or, if you don’t already have one, create a Grouping named HIGH RISK PORT GROUP and add 23231/tcp to your HIGH RISK PORT GROUP. If your organization makes use of this port, create strict PASS Custom Rules for those networks you wish to have access.
Posted 494 weeks ago
GNL ADDED GNL Added: The National Research Council (NRC, French: Conseil national de recherches Canada) is the primary national research and technology organization (RTO) of the Government of Canada, in science and technology research and development. Avail: 12/30/16
Posted 494 weeks ago
PORT ALERT BOTNET SCANNING ACTIVITY ON TCP 6789: The Mirai botnet is an open-source botnet whose code was recently made available to the general public by it’s creator. Mirai takes advantage of hard coded passwords in IoT devices such as security cameras, thermostats, and smart TVs to install a backdoor, enabling them to use these devices for DDoS attacks. Recent activity on port 6789/tcp has been interpreted as attempts to compromise DaHua devices in particular. Create a Custom Rule blocking inbound TCP 6789 or, if you don’t already have one, create a Grouping named HIGH RISK PORT GROUP and add 6789/tcp to your HIGH RISK PORT GROUP. If your organization makes use of this port, create strict PASS Custom Rules for those networks you wish to have access.
Posted 496 weeks ago
PORT ALERT HIGH SCAN VOLUME OF TCP 2323: Ongoing intensity of scans on TCP 2323, many originating from high risk countries as well as known offenders. There are no known vulnerabilities in the common services on this port. However, administrators may use this port to listen for telnet connections as an alternative to port 23/tcp adding a layer of obscurity to your defensive position. It seems like the bad guys have caught on. Create a Custom Rule blocking inbound TCP 2323 or, if you don’t already have one, create a Grouping named HIGH RISK PORT GROUP and add 2323/tcp to your HIGH RISK PORT GROUP. If your organization makes use of this port, create strict PASS Custom Rules for those networks you wish to have access.
Posted 496 weeks ago
PORT ALERT INCREASED SCAN VOLUME TCP 1433: Vulnerabilities on this interface may allow it to serve as a vector for various worm-like malwares or for remote users to gain escalated privileges. Create a custom rule blocking inbound TCP 1433 or add this port to your HIGH RISK PORT GROUP. Please be aware that this port is also used for legitimate traffic related to Microsoft SQL Server. For this reason, we advise some caution in the application of custom rules to your network.
Posted 496 weeks ago
GNL ADDED GNL Added: The Blue Cross Blue Shield Association (BCBSA) is a federation of 36 separate United States health insurance organizations and companies, providing health insurance to more than 106 million Americans. Blue Cross was founded in 1929, and became the Blue Cross Association in 1960, while Blue Shield emerged in 1939 and the Blue Shield Association was created in 1948. The two organizations merged in 1982. Avail: 12/15/16
Posted 496 weeks ago
GNL ADDED GNL Added: The United States Department of Health and Human Services (HHS), also known as the Health Department, is a cabinet-level department of the U.S. federal government with the goal of protecting the health of all Americans and providing essential human services. Its motto is “Improving the health, safety, and well-being of America”. Before the separate federal Department of Education was created in 1979, it was called the Department of Health, Education, and Welfare (HEW). Avail: 12/15/16
Posted 497 weeks ago
|
