On 02/08/2019 14:12, Fred Smith wrote:
but the amount of attempted traffic on that port certainly does seem like it could be a botnet banging on me.
One thing that you could try is to port forward that port to an actual listening port (think like running nc/netcat in listening mode). That way it will complete the TCP handshake and you can see what commands (if any) it sends, might be useful to record it with tcpdump / wireshark.
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos