how to deal with port scan and brute force attack from AS 8075 ?

Bacon Zombie baconzombie at gmail.com
Thu Apr 7 13:59:48 UTC 2016


They should always just use Shodan.

https://www.shodan.io/explore

On 4 April 2016 at 05:54, Brandon Vincent <Brandon.Vincent at asu.edu> wrote:
> On Thu, Mar 31, 2016 at 4:41 AM, DV <iamzam at gmail.com> wrote:
>> I have noticed this and especially the strange format of the packets with a
>> SYN/ECE/CWR flag combination: http://pastebin.com/jFCDAmdr
>>
>> This may be $whoever trying to establish network performance/congestion via
>> ECN or it could be something else like a fast scan technique or OS
>> fingerprinting
>
> It's OS fingerprinting. Targeted attacks are far more productive. If
> I'm trying to get into an organization, I'd much rather be interested
> in Juniper ScreenOS than someone's personal *nix machine.
>
> Brandon Vincent



-- 


BaconZombie

55:55:44:44:4C:52:4C:52:42:41

LOAD "*",8,1
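Added example, not part of the original thread: a SYN with ECE and CWR set is also what RFC 3168 defines as an ordinary ECN-setup SYN, so the flag combination discussed above does not by itself separate an ECN-capable client from a fingerprinting probe. This sketch parses raw IPv4/TCP packets and reports sources that send such SYNs to many distinct targets; the function names, the `min_targets` threshold and the sample packets are assumptions constructed for illustration.

```python
import socket
import struct
from collections import defaultdict

# TCP flag bits (byte 13 of the TCP header)
FIN, SYN, RST, PSH, ACK, URG, ECE, CWR = (1 << i for i in range(8))

def parse_ipv4_tcp(pkt: bytes):
    """Return (src, dst, dport, flags) for an IPv4/TCP packet, else None."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        return None
    if struct.unpack_from("!H", pkt, 6)[0] & 0x1FFF:  # non-first fragment: no TCP header
        return None
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl + 14:
        return None
    src, dst = socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20])
    dport = struct.unpack_from("!H", pkt, ihl + 2)[0]
    return src, dst, dport, pkt[ihl + 13]

def is_ecn_setup_syn(flags: int) -> bool:
    """SYN with ECE and CWR set, and ACK/RST/FIN clear (RFC 3168 ECN-setup SYN)."""
    return (flags & (SYN | ACK | RST | FIN | ECE | CWR)) == (SYN | ECE | CWR)

def ecn_syn_fanout(packets, min_targets=3):
    """Map source -> distinct (dst, dport) sent ECN-setup SYNs; min_targets is an assumed cutoff."""
    targets = defaultdict(set)
    for pkt in packets:
        parsed = parse_ipv4_tcp(pkt)
        if parsed and is_ecn_setup_syn(parsed[3]):
            targets[parsed[0]].add((parsed[1], parsed[2]))
    return {s: sorted(t) for s, t in targets.items() if len(t) >= min_targets}

def make_pkt(src, dst, dport, flags):
    """Build a constructed 40-byte IPv4+TCP packet (checksums left zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)
    return ip + tcp

# Constructed sample traffic (documentation address ranges, not real hosts).
SAMPLE = [
    make_pkt("198.51.100.7", "192.0.2.10", 22, SYN | ECE | CWR),
    make_pkt("198.51.100.7", "192.0.2.11", 22, SYN | ECE | CWR),
    make_pkt("198.51.100.7", "192.0.2.12", 23, SYN | ECE | CWR),
    make_pkt("203.0.113.5", "192.0.2.10", 443, SYN | ECE | CWR),   # single ECN-capable client
    make_pkt("203.0.113.9", "192.0.2.10", 80, SYN),                # plain SYN
    make_pkt("192.0.2.10", "203.0.113.5", 40000, SYN | ACK | ECE), # ECN-setup SYN-ACK
]
```

On the sample, `ecn_syn_fanout(SAMPLE)` returns only 198.51.100.7, which touched three distinct targets; the single ECN-capable client and the SYN-ACK are not reported.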


