|
|
|
|
|
|
by mordechai9000
1680 days ago
|
|
|
I kind of agree. It's mostly automated searches for targets with known vulnerabilities or default credentials. It's fine to block it, but it's not really contributing much to overall security. The fact is, a serious attacker isn't going to trigger an "x events in y seconds" rule, and even if they do it's not going to stop them. People get very worked up about port scans and ping sweeps, even spending time manually managing block lists or responding to alerts for simple bot traffic. It's security theater. |
|
|