* Originally in bbbs.english
* Crossposted in fido_sysop
* Crossposted in fidonews
* Crossposted in fn_sysop
* Crossposted in sync_sysops
02 Oct 16 15:31, you wrote to me:
>>> I've noticed INTENSE swarming of jerks on the telnet and also HTTP
>>> server here :(
>> when they connect, do they immediately start emitting text that
>> consists of a user name, password and then a specific sequence of
>> commands?? the specific sequence of commands is what i'm interested
>> in...
JK> No, but I think I know the kind of connection you are talking about.
JK> I have seen those in the past. Now the kind of connections I get on
JK> the telnet port and http port are connect/disconnect... Repeatedly.
here's a series of links regarding what i was specifically talking about... the
first one contains a thank you to someone you know and was involved in early
detection ;)
http://blog.malwaremustdie.org/2016/08/mmd-0056-2016-linuxmirai-just.html
http://tinyurl.com/j5mqwkf
https://www.helpnetsecurity.com/2016/09/07/mirai-linux-trojan-iot-ddos-botnets/
http://tinyurl.com/zggknfv
http://motherboard.vice.com/read/15-million-connected-cameras-ddos-botnet-brian
-krebs
http://tinyurl.com/zsrmgue
http://motherboard.vice.com/read/hacker-releases-code-that-powered-record-break
ing-botnet-attack
http://tinyurl.com/hl4jclt
)\/(ark
Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it
wrong...
... Marriage is an expensive way to get your laundry done free.
---
* Origin: (1:3634/12.73)
|