I am having fun playing with the slow syn flood of spoofed packets someone is sending. I appreciate them sending it. I like the variability in the TCP MSS, TTL, Window sizes they are sending.

Thus far I am letting some leak through it would seem.

    100 SYN received in 15.03 seconds

    100 SYN-ACK returned in 3 minutes and 22.03 seconds.

Paramiko v4.0.0 (the latest) gets past the version string, it seems, but dies instantly on failed KEX, which is another convenient incompatibility. It does mean that even legitimate SSH bots in Python will fail though.