That’s probably a majority of the point. Falsely report that some interesting ports are open and he’ll spend time on them and potentially trigger alerts or blocks.
Fake open ports aren’t something a normal user would bother with or understand, but with all the tools available in the nefarious side, it makes sense to have options that make their job harder if you’re willing to use them.
Maybe what you’re referring to is along the lines of a port being open but the software on the other side of it not sending acknowledging responses?
At a guess, you might tell the difference between some benign scan and an attempt to actually take advantage of the port, perhaps to use as a trigger to automatically ban an ip address? or a way to divert malicious resources to an easy looking target so they are less available in other areas?
The difference between someone scanning for open ports and someone attacking a port they find open seems significant enough to at least track and watch for patterns… Whether that’s useful for the majority of users or not is rarely why a feature is implemented.
I feel like it won’t be AI until we figure out how to point it back at itself, have it review its own answers and then be ‘happy’ when it’s answers are right. Not necessarily like if the user gives it a good score, but if it recognizes an answer it had given was actually used, or a prediction it makes if proved true (if I answer this way, the user is likely to ask this as its next question, etc) and it starts changing its behaviour, and asking itself questions to get better at that.
Soap over the main parts, and lather with that over everything
Same reason people have gone on for a million years. Noe of that matters or is really as bad as it sound at an individual level. Individually you have it better now than at any point in history, asking why ‘you’ should go on because of the unknown future effects of the climate crisis (which is real enough, and shouldn’t be understated) sounds more like depression than a valid outlook that people should have considering actual world events.
Even the worst off people on earth, on average, are better off now than they were 1000s or even 100s of years ago. There have always been poverty, starvation, wars, rich taking advantage of the poor, and fewer safeguards or oversight on top of that.
Same reason people have gone on for a million years. Noe of that matters or is really as bad as it sound at an individual level. Individually you have it better now than at any point in history, asking why ‘you’ should go on because of the unknown future effects of the climate crisis (which is real enough, and shouldn’t be understated) sounds more like depression than a valid outlook that people should have considering actual world events.
Even the worst off people on earth, on average, are better off now than they were 1000s or even 100s of years ago. There have always been poverty, starvation, wars, rich taking advantage of the poor, and fewer safeguards or oversight on top of that.
A benign scan could just be looking for an ftp server to connect to or a repeater or relay server of some sort. There are plenty of open services people make available for free and the fact that you would consider it an attack it doesn’t make it one.
At minimum you could be alerted to look for someone attempting to connect to your ftp server with a single basic anonymous authentication vs someone flooding that port with known malicious software attacks, and block the latter across your entire network and effectively ignore the former. Really it seems like you’re advertising your lack of imagination in this context than a legitimate lack of possible uses for spoofing open ports.