Hey Mark,

>> I switched to a different telnet port.. I've probably got maybe a week
>> before the 'sniffers' find it .

> they shouldn't... at least not the bots... they're simply not designed for
>that... generally speaking, all they do is go after the stuff on default ports
>with default user names and passwords...

Heh, that is true.. wasn't thinking of that ... I was thinking some evil sh_t
in a devils costume running sniffer software   But you are
absolute right.

>in the case of MIRAI, it also looks o
>port 2323 because that's a default port for some of the DVRs, cameras and othe
> IoT stuff they are targetting... now that the source code has been released,
> this may change...

Glad I didn't use that port 

> FWIW: MIRAI is not the only game in town hunting down IoT devices... there is
>at least one other... MIRAI actually goes as far as killing off other services
> in the device to prevent other infestations from getting in... that also
>removes the admin GUI so if someone is going to try to do something with their
>device and they can connect to it, they'll turn it off and back on which dumps
> MIRAI from memory and the device is clean for a few minutes until it gets
> scanned again and the owner hasn't changed the default password...

Insane crap you have to think of these days.

Thanks again,
Janis

--- BBBS/Li6 v4.10 Dada-2