|
|
|
|
|
|
by wvenable
2103 days ago
|
|
|
What I've found these days monitoring my own network is that there is now 2 waves -- a port scan and then the attack. If I change a port for anything to another random port I won't get any login attempts for a few days but eventually I start getting hit again. I can repeat this over and over. I imagine what is happening is that the bad actors are scanning for open ports and they feed that periodically to another process that attempts logins. |
|
|