When you see someone probing every single port on the box, you know they’re eith... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tw04 on Dec 25, 2024 \| parent \| context \| favorite \| on: Portspoof: Emulate a valid service on all 65535 TC... When you see someone probing every single port on the box, you know they’re either a bad actor, or a security tool. No legit user is going to keep hammering ports without a known service. Bad actors you can either block or counter attack. Security tools should be registering their address with whatever internal tracker you’re using so they can be white listed.

phoronixrly on Dec 25, 2024 [–]

> When you see someone probing every single port on the box, you know they’re either a bad actor

That is not what the tool is for though... It is a tool specifically made to hinder... IDK... Making any information out of an NMAP scan?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact