Threat LevelMEDIUM45/1001 rule type
2 incidents on record · last seen 2d ago
| PTR | b194.vom.lutsk.ua |
| Org / ASN | VOM LLC |
| Country | 🇺🇦 Ukraine |
| City | Lutsk, Volyn |
| Timezone | Europe/Kyiv |
Attack Analysis
IDS: Database Port Scan
Suricata detected this IP scanning database ports (MySQL, PostgreSQL, Redis, MongoDB). This is reconnaissance to find exposed database services for direct exploitation or credential brute-force. Database ports should never be reachable from the internet.
Reports (2)
| Date | Severity | Description |
|---|---|---|
| 17 Jun 2026 - 09:43 | high | IDS: Database port scan — ET SCAN Suspicious inbound to mySQL port 3306 |
| 17 Jun 2026 - 09:09 | high | IDS: Database port scan — ET SCAN Suspicious inbound to MSSQL port 1433 |
EagleEye Intelligence