Interesting type of attack: People sending out TCP packets with a spoofed source address, targeting port 22 on random (or not) IP addresses on the net.

scy@chaos.social

Interesting type of attack: People sending out TCP packets with a spoofed source address, targeting port 22 on random (or not) IP addresses on the net.

Not to probe whether there's SSH on that server, but to generate abuse reports against the spoofed IP, in order to force it off the net.

delroth's homepage - One weird trick to get the whole planet to send abuse complaints to your best friend(s)

delroth's homepage (delroth.net)

Keep this in mind when you receive abuse reports. _Especially_ if you're an ISP.

#infosec #networking #sysadmin