GCIH brought me here. Page 13 to be exact.

Nice presentation! 43 min into it on the compromised servers slide- port 2222 is also pretty popular for SBO (Security by Obscurity) for SSH. :)

Great talk. V informative for anyone in infosec

How does using RITA compare with having a firewall with all bells and whistles (Palo, Cisco and the like that claim to be able to pickp c2 beaconing) plus an EDR in the environment? What are the GAPs that RITA might be able to cover? John mentions in the cast to try and run dnscat or other tools, we might give these a try, but wouldn't our EDR pick these up?

Ajint details explain Potcal

GCIH book 504.4 public facing and drive by attack by joshua writ broght me here