- Bronze, 100 points or more
I'm seeing numerous hits (denied) to port TCP 60760 from multiple IP addresses and ephemeral ports. The concentration on this port seems significant, of the firewall hits logged in the last 24 hours, 86% have been TCP dest 60760. No luck on internet searches regarding known services or vulnerabilities on that port.
Has anyone else seen this activity and verified the source application?