nanog mailing list archives
Re: how to deal with port scan and brute force attack from AS 8075 ?
From: Bacon Zombie <baconzombie () gmail com>
Date: Thu, 7 Apr 2016 15:59:48 +0200
They should always just use Shodan. https://www.shodan.io/explore On 4 April 2016 at 05:54, Brandon Vincent <Brandon.Vincent () asu edu> wrote:
On Thu, Mar 31, 2016 at 4:41 AM, DV <iamzam () gmail com> wrote:I have noticed this and especially the strange format of the packets with a SYN/ECE/CWR flag combination: http://pastebin.com/jFCDAmdr This may be $whoever trying to establish network performance/congestion via ECN or it could be something else like a fast scan technique or OS fingerprintingIt's OS fingerprinting. Targeted attacks are far more productive. If I'm trying to get into an organization, I'd much rather be interested in Juniper ScreenOS than someone's personal *nix machine. Brandon Vincent
-- BaconZombie 55:55:44:44:4C:52:4C:52:42:41 LOAD "*",8,1
Current thread:
- Re: how to deal with port scan and brute force attack from AS 8075 ? DV (Apr 03)
- Re: how to deal with port scan and brute force attack from AS 8075 ? Brandon Vincent (Apr 07)
- Re: how to deal with port scan and brute force attack from AS 8075 ? Bacon Zombie (Apr 07)
- <Possible follow-ups>
- Re: how to deal with port scan and brute force attack from AS 8075 ? Davide Davini (Apr 03)
- Re: how to deal with port scan and brute force attack from AS 8075 ? cyrus ramirez via NANOG (Apr 03)
- Re: how to deal with port scan and brute force attack from AS 8075 ? William Herrin (Apr 07)
- Re: how to deal with port scan and brute force attack from AS 8075 ? Owen DeLong (Apr 11)
- Re: how to deal with port scan and brute force attack from AS 8075 ? Jared Mauch (Apr 11)
- Re: how to deal with port scan and brute force attack from AS 8075 ? William Herrin (Apr 11)
- Re: how to deal with port scan and brute force attack from AS 8075 ? Owen DeLong (Apr 11)
- Re: how to deal with port scan and brute force attack from AS 8075 ? Owen DeLong (Apr 11)
- Re: how to deal with port scan and brute force attack from AS 8075 ? Brandon Vincent (Apr 07)