On Thu, 3 Dec 2020 at 06:00, Ed Greshko <ed.greshko@xxxxxxxxxxx> wrote:
[...] I can't think of anyone that would go through the
trouble of unpacking pcap output to find IP addresses they could attack. They either
farm IP addresses from emails, dns queries, or just plain find blocks of IP addresses
to attack.
To this observation, add the fact that I have a few systems which are "open" for the
express purpose of cataloging where ssh attacks are sourced. The systems I have
are both IPv4 and IPv6. All attacks have been against IPv4. In over a year of these
systems supporting IPv6 there have been Zero attacks on those addresses.
As more systems use IPv6, bad actors will have to collect active IPv6 addresses. You may
be one of the first to see that start.
George N. White III
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx