[ale] 300,000 failed login attempts in 6 months!!!

Forsaken forsaken at targaryen.us
Tue Aug 19 19:06:27 EDT 2008


On Aug 19, 2008, at 6:21 PM, Michael B. Trausch wrote:
> Service detection performed. Please report any incorrect results at
> http://insecure.org/nmap/submit/ .
> Nmap done: 1 IP address (1 host up) scanned in 6.306 seconds
>
> Of course, port 8080 is not typically used for SSH traffic, it's  
> usually
> used for an HTTP proxy.  It's easily detected on any port, though...
>
> Are they that easily fooled, or do they just think that a few  
> seconds is
> too much time to waste on scanning?
>

Port scanning an entire netblock for every possible available port is  
a very large increase in scan time (and if your IDS/IPS is any good,  
chances are it'll notice it). It's not a panacea, but it can buy you  
some relief from the joyriders unless they're especially bored that  
night.



More information about the Ale mailing list