how to deal with port scan and brute force attack from AS 8075 ?

Bacon Zombie baconzombie at
Thu Apr 7 13:59:48 UTC 2016

They should always just use Shodan.

On 4 April 2016 at 05:54, Brandon Vincent <Brandon.Vincent at> wrote:
> On Thu, Mar 31, 2016 at 4:41 AM, DV <iamzam at> wrote:
>> I have noticed this and especially the strange format of the packets with a
>> SYN/ECE/CWR flag combination:
>> This may be $whoever trying to establish network performance/congestion via
>> ECN or it could be something else like a fast scan technique or OS
>> fingerprinting
> It's OS fingerprinting. Targeted attacks are far more productive. If
> I'm trying to get into an organization, I'd much rather be interested
> in Juniper ScreenOS than someone's personal *nix machine.
> Brandon Vincent




LOAD "*",8,1

More information about the NANOG mailing list