Re: 'Cyber Attack' Aimed At Texas Electricity Provider

["Jeff Kell" <Jeff-Kell () utc edu>]

Sorry for top-post, I'm relegated to webmail for the moment... :-(

-----Original Message-----
From: Valdis.Kletnieks () vt edu

> If I had a nickel for every ssh woodpecker we see, I could retire to a bungalow
> on a nice beach somewhere in the cheaper part of the Pacific Rim. If I counted
> the ones we *don't* see because we don't even bother logging them, I'd probably
> have a McMansion on the expensive side of the Pacific Rim. ;)

Amen to that.  Depending on the size of your internet-facing netblocks, this gets out of hand real fast.  The counts 
might be interesting for metrics or powerpoint slides as a measure of such activity, but get out of hand real quickly 
(though probably sells a lot of SIEM SAN storage).

Reminds me of the userland "firewalls" a few years back that would throw together a nice abuse@ report for such 
"unsolicted attack" behavior.  

IWF ring any bells?   :-)

Jeff


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.