Could this mean a mass attack is imminent? That's the speculation. Microsoft recently issued a patch for a buffer overflow issue related to SMB, which runs on port 445. The general feeling is that the inrease in scanning on this port could be the prelude to the launch of a new worm, set to attack any machine that hasn't yet been patched up.
Gartner recommend making sure machines are firewalled and that the Microsoft patch be deployed as rapidly as possible.
You can find the report over at the Gartner website.


LinkBack URL
About LinkBacks
Reply With Quote