Port scanning events are characterized by any host that is observed trying to contact a service on another host that is not expected or supported. This risk vector also accounts for hosts that may be scanning darknet space. This type of activity is often performed by a worm looking for additional devices to infect.
Articles in this section
- Data Collection Methods Overview
- Types of Collected Data
- Spam Trap
- How is the Botnet Infections Risk Vector Observed?
- How is the Spam Propagation Risk Vector Observed?
- How is the Malware Servers Risk Vector Observed?
- How is the Unsolicited Communications Risk Vector Observed?