Re: Scans for telnetd on DNS servers.

I wonder...

Could this be a SSH scan by some stupid script kiddie that mistook the
telnet port# for that of SSH?


I observed a sudden increase of 23/tcp probes on Feb 28 at 16:00 GMT
(from more or less zero to approx. 1500 probes per hour). It lasted for
10 hours, then it stopped almost quickly as it started. It was neither a
focused probing of a certain kind of devices, nor any systematic sweep --
various IP addresses (including broadcast and other reserved addresses) in
our network were hit in a seemingly random manner.

--Pavel Kankovsky aka Peak [ Boycott Microsoft--
"Resistance is futile. Open your source code and prepare for