[ale] 300,000 failed login attempts in 6 months!!!
Forsaken
forsaken at targaryen.us
Tue Aug 19 19:06:27 EDT 2008
On Aug 19, 2008, at 6:21 PM, Michael B. Trausch wrote:
> Service detection performed. Please report any incorrect results at
> http://insecure.org/nmap/submit/ .
> Nmap done: 1 IP address (1 host up) scanned in 6.306 seconds
>
> Of course, port 8080 is not typically used for SSH traffic, it's
> usually
> used for an HTTP proxy. It's easily detected on any port, though...
>
> Are they that easily fooled, or do they just think that a few
> seconds is
> too much time to waste on scanning?
>
Port scanning an entire netblock for every possible available port is
a very large increase in scan time (and if your IDS/IPS is any good,
chances are it'll notice it). It's not a panacea, but it can buy you
some relief from the joyriders unless they're especially bored that
night.
More information about the Ale
mailing list