Subj : Another Interesting Error... To : Janis Kracht From : mark lewis Date : Wed Oct 05 2016 14:46:42 05 Oct 16 07:36, you wrote to Shawn Highfield: JK> I switched to a different telnet port.. I've probably got maybe a week JK> before the 'sniffers' find it . they shouldn't... at least not the bots... they're simply not designed for that... generally speaking, all they do is go after the stuff on default ports with default user names and passwords... in the case of MIRAI, it also looks on port 2323 because that's a default port for some of the DVRs, cameras and other IoT stuff they are targetting... now that the source code has been released, this may change... FWIW: MIRAI is not the only game in town hunting down IoT devices... there is at least one other... MIRAI actually goes as far as killing off other services in the device to prevent other infestations from getting in... that also removes the admin GUI so if someone is going to try to do something with their device and they can connect to it, they'll turn it off and back on which dumps MIRAI from memory and the device is clean for a few minutes until it gets scanned again and the owner hasn't changed the default password... )\/(ark Always Mount a Scratch Monkey Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong... .... Take my advice, I don't use it anyway. --- * Origin: (1:3634/12.73) .