CLIENT29-41FD54:2095
OK. So This morning I had someone trying to brute force their way into some of our company's system. Normally if I encounter this issue I'll block the ip subnet and/or create ACL's accordingly. What in the heck is the above? I know it's connecting from port 2095 but that's obviously not an IP. What kind of identification is that? This was outputted via a nestat -a
Any thoughts? The security flaw is sealed now but still.....
OK. So This morning I had someone trying to brute force their way into some of our company's system. Normally if I encounter this issue I'll block the ip subnet and/or create ACL's accordingly. What in the heck is the above? I know it's connecting from port 2095 but that's obviously not an IP. What kind of identification is that? This was outputted via a nestat -a
Any thoughts? The security flaw is sealed now but still.....