Subj : Re: Banned
To   : DIGIMAUS
From : Mike Powell
Date : Wed May 01 2024 08:22:00

> What's funny is that I have port 22 wide open and interestingly enough, the
> rest of my filters are empty:

> {'recidive-subnet': ['163.47.39.0', '129.226.147.0', '43.134.118.0',
> '154.16.56.0', '192.144.65.0', '43.163.237.0', '124.156.223.0',
> '43.130.42.0', '43.163.214.0', '43.134.111.0', '20.197.49.0']}

> Almost all of the above are from Chinese ISPs.

Many of mine are from China also.  When I had 22 open I noticed that the
scripts hit that port (SSH) a *lot* harder than the standard telnet port.
I found that interesting since SSH is encrypted but, then again, most IoT
devices are probably more likely to have an SSH port open vs. a telnet port.

Mike


 * SLMR 2.1a * A problem can be found for almost every solution.
--- SBBSecho 3.28-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (618:250/1)

.