port scan attack (by juniper)

Juniper
MaryamSaniee
You already voted!

index=* sourcetype="juniper:firewall"  src!="192.168.*"
| bin _time span=5m
| stats dc(dest_port) as distinct_port by src,dest,_time
|where distinct_port >1000

Share This:

Tagged: attack juniper

Leave A Comment? Click here to cancel reply.

Newest | Active

Sanjai

Active 22 hours, 32 minutes ago
bewafaha

Active 3 days, 7 hours ago
sadloveshayari

Active 4 days, 6 hours ago
hivatatt

Active 1 week, 1 day ago
yogesh shingate

Active 1 week, 2 days ago