Minipot attacks decreased by nearly a half from the preceding month in August. The subnet 18.104.22.168/24 members were not so active last month, and we can see addresses from other countries emerging at the top of the table. Notable mentions go to some European countries, namely Germany and Romania, who got back into the spotlight.
Thanks to the fact that there is consistently a lack of a bigger margin between telnet and HTTP attack counts, we can say that there were slightly more attacks regarding the HTTP protocol than telnet this month. When we compare all previous reports (and include this one, of course), we can state that big port scans are not that frequent. It looks like attackers are more often going after specific ports to exploit than doing a full-range sweep.
UDP port numbers 52666 and 24293 jumped to the top of the table out of nowhere. We were unable to find any information about what might be running on those ports; if you have any theories about what it is and why it might be interesting, let us know.
The P@ssw0rd mentioned in the previous report dropped significantly, but it does not make it any safer. Sequential passwords like last month’s winner 1qazXSW@ can look safe but could be an open invitation for hackers. Do not use them; although they look random, sequences seem to be, according to our gathered data, much more popular than dictionary terms these days.