over 50% of ssh brute forcers have port 22 open by themselves!
Published on 19.09.2013 14:34
badips.com creates statistics based on IPs reported to our database. One new feature we added is a port scan to every reported IP. It seems like most attackers are compromised hosts as well.
Some have port 22 open, others port 80 and a few have 443 open. All this ports can be used to break into a system and should be well protected.
We are planing a new free service where we send automated emails to the abuse address of hosts that have port 22,80 or 443 open to inform them about a possible compromise of their systems.
If you have been blocked or scanned as well and do not like it, please let us know: Write an email to email@example.com and we will stop scanning you.