Discussion in 'other firewalls' started by ronjor, Dec 12, 2005.
5% seems like a big number to me. :/
and 0,05 % (of the 5 %) attacks are successfull.
Are that 1, 10 or 1000000 successfull attacks a year ??
Schneier on Security
One reason (mentioned in the comments in Schneier's blog) is that attackers are getting smarter with port scans - either doing them well in advance of the main attack or spreading them over time and via different addresses to avoid being identified as scans. They are still important as a first step (like scouting the terrain before a military attack) but identifying them will become much more difficult, requiring analysis of traffic patterns over a longer period (days or even weeks).