|
|
|
|
|
|
by chatmasta
836 days ago
|
|
|
I think it's just that most scanning tools aren't trying to unwrap a TCP packet inside a TCP packet, so it bypassed their naive filters. Once a researcher spotted it, it was trivial to unwrap, but automated tooling would just see it as the outer TCP packet with some opaque data inside of it. I would assume that the attacker's destination IP would show up on some dashboards somewhere though... |
|
|