05 Oct 16 07:36, you wrote to Shawn Highfield:

 JK> I switched to a different telnet port.. I've probably got maybe a week
 JK> before the 'sniffers' find it .

they shouldn't... at least not the bots... they're simply not designed for
that... generally speaking, all they do is go after the stuff on default ports
with default user names and passwords... in the case of MIRAI, it also looks on
port 2323 because that's a default port for some of the DVRs, cameras and other
IoT stuff they are targetting... now that the source code has been released,
this may change...

FWIW: MIRAI is not the only game in town hunting down IoT devices... there is
at least one other... MIRAI actually goes as far as killing off other services
in the device to prevent other infestations from getting in... that also
removes the admin GUI so if someone is going to try to do something with their
device and they can connect to it, they'll turn it off and back on which dumps
MIRAI from memory and the device is clean for a few minutes until it gets
scanned again and the owner hasn't changed the default password...

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it
wrong...
... Take my advice, I don't use it anyway.
---