On 2017 Jun 12 00:54:18, you wrote to All:   
      
    Ig> I've since recently put my board back on port 23... and I now recall   
    Ig> why I took it off of it. I keep getting all of these connections from   
    Ig> hackers, I take it.   
      
   they are not hackers... at best they are skiddies but in reality, it is the   
   MIRAI botnets trying to see if your system is a vulnerable IoT (Internet of   
   Things) device like an IP Camera or a DVR or smart TV and similar... anything   
   that has default login credentials hardcoded in it...   
      
    Ig> Anyone know of a way to filter these bad connections?   
      
   there is none, really... you have to let them connect and then dump them based   
   on the data they shove at you without waiting for any prompts... yes, that's   
   right... they do not look for and respond to any sort of login prompts... they   
   just start spewing their login stuff followed by the shell commands to fire   
   off busybox...   
      
    Ig> I've tried Janis' iptables suggestion, but it isn't working.   
      
   intrusion detection systems are the only things i've seen that come close but   
   the connection and attempted login still has to take place... the *ONLY* other   
   option is to get off of port 23 and the other few that MIRAI specifically   
   targets... that includes the default SSH port as well...   
      
   )\/(ark   
      
   Always Mount a Scratch Monkey   
   Do you manage your own servers? If you are not running an IDS/IPS yer doin' it   
   wrong...   
   ... WANTED: Meaningful overnight relationship.   
   ---   
    * Origin:  (1:3634/12.73)