Very peculiar Telnet probing (possibly spoofed?)

• Previous message (by thread): Very peculiar Telnet probing (possibly spoofed?)
• Next message (by thread): Very peculiar Telnet probing (possibly spoofed?)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jeff Kell wrote:
> I'm getting attacks from:
> 
> 159.226.x.x
> 202.x.x.x
> 203.x.x.x

These /8s are shared between a whole lot of different ISPs in different 
countries.

Do the machines trying this typically look like botnets, or open proxies?

Do you notice any other traffic (malicious or otherwise) from these IPs 
immediately before or after these telnet probes?

	srs

• Previous message (by thread): Very peculiar Telnet probing (possibly spoofed?)
• Next message (by thread): Very peculiar Telnet probing (possibly spoofed?)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]