how to deal with port scan and brute force attack from AS 8075 ?
Brandon.Vincent at asu.edu
Mon Apr 4 03:54:01 UTC 2016
On Thu, Mar 31, 2016 at 4:41 AM, DV <iamzam at gmail.com> wrote:
> I have noticed this and especially the strange format of the packets with a
> SYN/ECE/CWR flag combination: http://pastebin.com/jFCDAmdr
> This may be $whoever trying to establish network performance/congestion via
> ECN or it could be something else like a fast scan technique or OS
It's OS fingerprinting. Targeted attacks are far more productive. If
I'm trying to get into an organization, I'd much rather be interested
in Juniper ScreenOS than someone's personal *nix machine.
More information about the NANOG