They should always just use Shodan. https://www.shodan.io/explore
On 4 April 2016 at 05:54, Brandon Vincent <brandon.vinc...@asu.edu> wrote: > On Thu, Mar 31, 2016 at 4:41 AM, DV <iam...@gmail.com> wrote: >> I have noticed this and especially the strange format of the packets with a >> SYN/ECE/CWR flag combination: http://pastebin.com/jFCDAmdr >> >> This may be $whoever trying to establish network performance/congestion via >> ECN or it could be something else like a fast scan technique or OS >> fingerprinting > > It's OS fingerprinting. Targeted attacks are far more productive. If > I'm trying to get into an organization, I'd much rather be interested > in Juniper ScreenOS than someone's personal *nix machine. > > Brandon Vincent -- BaconZombie 55:55:44:44:4C:52:4C:52:42:41 LOAD "*",8,1
