| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Unwanted connections to port 23. |
On 2017 Jun 12 06:24:08, you wrote to me: ML>> intrusion detection systems are the only things i've seen that come ML>> close but the connection and attempted login still has to take ML>> place... the *ONLY* other option is to get off of port 23 and the ML>> other few that MIRAI specifically targets... that includes the ML>> default SSH port as well... jl> I've just come across a utility, called "PSAD", it is a port scanning jl> utility.. if the "danger level" meets a certain threshold, it will jl> automatically block the offending IP address. Pretty cool. I'm still jl> testing it out at the moment, but this may be what i've been looking jl> for. i can't say that i've ever heard of it but these bots are not port scanning... they're connecting and spewing their login stream... if there's nothing there to connect to, they cannot spew and they move on to the next IP address they've been directed to look at... )\/(ark Always Mount a Scratch Monkey Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong... ... 56. Admit it when you're wrong. ---* Origin: (1:3634/12.73) SEEN-BY: 103/705 116/116 120/544 123/141 135/300 138/146 140/1 153/7715 154/10 SEEN-BY: 201/0 203/0 210 221/0 1 6 360 227/51 230/0 240/1661 5832 249/303 SEEN-BY: 261/38 266/404 512 275/100 280/464 5003 292/854 310/31 320/219 342/17 SEEN-BY: 342/77 423/81 120 633/267 280 712/848 770/1 2320/100 3634/12 15 24 27 SEEN-BY: 3634/50 3828/7 5020/715 @PATH: 3634/12 140/1 221/0 1 203/0 280/464 712/848 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.