Re: many attempts to access port 137 from the Internet - are these vulnerability scans?

Relevant Pages

• Re: many attempts to access port 137 from the Internet - are these vulnerability scans?
  ... >>> From all different source IPs. ... Are these port scans by potential ... >>> attackers? ...
  (comp.security.firewalls)
• Re: many attempts to access port 137 from the Internet - are these vulnerability scans?
  ... >Destination:X.X.X.X, 137, LAN ... >>From all different source IPs. ... Are these port scans by potential ...
  (comp.security.firewalls)
• Re: slow scans?
  ... >This is a somewhat generic information query for methods to detect slow ... >port scans and network scans using IDS (or whatever ... (This didn't entirely parse for me; Spice is what is discussed in ... difficult to apply effectively against scans where the source IPs ...
  (Focus-IDS)
• RE: auth.log & intruder prevention
  ... The simplest is to add a deny rule to your firewall for the ... If you know the ip address of your authorized ssh users then add ... port 22 and deny all else. ... Attackers who beat on ssh/telnet/ftp are looking to break into your ...
  (freebsd-questions)
• Re: able to login as root via ssh :-(
  ... changing port numbers is little more than leaving the door key under the flower pot instead of under the mat. ... In theory, I agree with your assessment--security by obscurity is no real security, however, in practice, if you hid your key under the flower pot and hundreds of thousands of your neighbors hid theirs under their mats, you've raised the ante for would be attackers. ... a simple port move completely eliminated script kiddies knocking on my ssh port. ... This ruleset should rate limit ssh connections to 10/hour with a burst limit of 3. ...
  (Fedora)