Re: [44net] syn and such attacks on 44 net lately ?

Maiko, I see mostly HTTP (tcp/80) RDP (tcp/3389), Telnet (tcp/23), DNS (udp/53) and ping (ICMP type 8), just common port scans on the net. Mostly Advansed Persistent Threat gangs looking for vunerable machines via already compromised devices. They've been prevalent on the Internet since Mandiant exposed the ongoing "cyberwar." N1URO is correct, HTTPS probing was probably started when Heartbleed was announced... ...if you have records of connections before it was made public on April 8th (as I recall), that information may be useful...you may have discovered someone who knew/exploited the HTTPS/OpenSSL threat pre zero-day. -KB3VWG