[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] 300,000 failed login attempts in 6 months!!!
- Subject: [ale] 300,000 failed login attempts in 6 months!!!
- From: forsaken at targaryen.us (Forsaken)
- Date: Tue, 19 Aug 2008 19:06:27 -0400
- In-reply-to: <1219184504.27794.2.camel@zest>
- References: <003301c90200$e959c5c0$0301000a@S0030153310> <[email protected]> <1219182293.25674.0.camel@zest> <[email protected]> <1219184504.27794.2.camel@zest>
On Aug 19, 2008, at 6:21 PM, Michael B. Trausch wrote:
> Service detection performed. Please report any incorrect results at
> http://insecure.org/nmap/submit/ .
> Nmap done: 1 IP address (1 host up) scanned in 6.306 seconds
>
> Of course, port 8080 is not typically used for SSH traffic, it's
> usually
> used for an HTTP proxy. It's easily detected on any port, though...
>
> Are they that easily fooled, or do they just think that a few
> seconds is
> too much time to waste on scanning?
>
Port scanning an entire netblock for every possible available port is
a very large increase in scan time (and if your IDS/IPS is any good,
chances are it'll notice it). It's not a panacea, but it can buy you
some relief from the joyriders unless they're especially bored that
night.