[From InformationWeek]
An alert from Symantec describes an unusual amount of scanning of a port normally associated with Microsoft SQL Server, a possible precursor to an attack.
The Cupertino, Calif.-based company’s DeepSight Threat network, a global collection of sensors that tracks developing attacks, reported an increase in the number of scanned sensors and the number of attacking IP addresses scanning TCP port 1433, which is commonly used by Microsoft’s server software.
The article continues at
http://informationweek.com/story/showArticle.jhtml?articleID=166402261