Why you should be clever, and shouldn’t use default ports [RESPONSE TO SHODAN]

ssh blocklist

But if we go a step further, once you take a look at the behavior of malware, you will see that a lot of malware will try to connect to the threat actors C&C by using default ports. So an IT environment which does not use default ports, will allow the security professional to identify the malware connection in a faster pace by searching for “default” ports and anomalies in the network connections which are not used in the IT environment.