  • Maybe it’s just worse when written. The period at the end of the sentence makes it hard to see how it could be misunderstood.

    To your point though, not sure if I’m aware of any programming language that would continue a statement with a following if block. Far more likely that it would fail due to lack of an element to apply the 6 to rather than having a pointer to the previous object, or he would try getting whatever the literal version of a 6 would be, or maybe some slang version.

  • A benign scan could just be looking for an FTP server to connect to or a repeater or relay server of some sort. There are plenty of open services people make available for free, and the fact that you would consider it an attack doesn’t make it one.

    At minimum you could be alerted to look for someone attempting to connect to your FTP server with a single basic anonymous authentication vs someone flooding that port with known malicious software attacks, and block the latter across your entire network and effectively ignore the former. Really it seems like you’re advertising your lack of imagination in this context rather than a legitimate lack of possible uses for spoofing open ports.

  • That’s probably a majority of the point. Falsely report that some interesting ports are open and he’ll spend time on them and potentially trigger alerts or blocks.

    Fake open ports aren’t something a normal user would bother with or understand, but with all the tools available on the nefarious side, it makes sense to have options that make their job harder if you’re willing to use them.

  • At a guess, you might tell the difference between some benign scan and an attempt to actually take advantage of the port, perhaps to use as a trigger to automatically ban an IP address? Or a way to divert malicious resources to an easy looking target so they are less available in other areas?

    The difference between someone scanning for open ports and someone attacking a port they find open seems significant enough to at least track and watch for patterns… Whether that’s useful for the majority of users or not is rarely why a feature is implemented.
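
The distinction drawn in the comments above (a port scan, a single anonymous FTP login, and a flood of attempts against a decoy port) can be expressed as detection logic. This is an added example, not part of the original comments; the event format, the thresholds and the verdict names are assumptions, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed events from a hypothetical decoy listener:
# (epoch seconds, source IP, decoy port, first line the client sent; "" = nothing)
EVENTS = [
    (100, "198.51.100.7", 21, ""),
    (101, "198.51.100.7", 23, ""),
    (102, "198.51.100.7", 445, ""),
    (200, "203.0.113.5", 21, "USER anonymous"),
    (300, "192.0.2.44", 21, "USER admin"),
    (302, "192.0.2.44", 21, "USER root"),
    (305, "192.0.2.44", 21, "USER ftp"),
    (309, "192.0.2.44", 21, "USER test"),
    (314, "192.0.2.44", 21, "USER oracle"),
    (900, "192.0.2.90", 21, "USER backup"),
]

def peak_rate(timestamps, window):
    """Largest number of events inside any span of `window` seconds."""
    ts = sorted(timestamps)
    best = start = 0
    for end, t in enumerate(ts):
        while t - ts[start] >= window:   # slide the window's left edge forward
            start += 1
        best = max(best, end - start + 1)
    return best

def classify(events, window=60, burst=5):
    """Give each source IP one verdict based on what it did on decoy ports."""
    per_src = defaultdict(list)
    for ts, src, _port, line in events:
        per_src[src].append((ts, line.strip()))
    verdicts = {}
    for src, hits in per_src.items():
        sent = [(ts, line) for ts, line in hits if line]
        if not sent:                     # connected but never spoke: a scan
            verdicts[src] = "scan"
        elif peak_rate([ts for ts, _ in sent], window) >= burst:
            verdicts[src] = "block"      # flooding the port: ban candidate
        elif len(sent) == 1 and sent[0][1].upper() == "USER ANONYMOUS":
            verdicts[src] = "anonymous-login"
        else:
            verdicts[src] = "watch"      # interacted, but below the burst threshold
    return verdicts

def blocklist(events, **kw):
    """Sources to ban network-wide; every other verdict is only tracked."""
    return sorted(s for s, v in classify(events, **kw).items() if v == "block")
```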