nanog mailing list archives
Re: Scanning the Internet for Vulnerabilities
From: Mark Seiden <mis () seiden com>
Date: Sun, 19 Jun 2022 11:17:25 -0700
greetings. it should be mentioned that shadowserver also notifies those who register as the owners of that address space. it’s very useful. (it would be more useful if they calculated diffs and notified about changes/additions.) my thinking about this sort of thing, in general, is: - it depends on who’s doing it and why, and what they do with the information (so what keeps you from doing it for the benefit of your less clueful downstream customers?) - absolutely nothing prevents bad guys from doing it, so discouraging it fits in the category of “politeness rules only observed by nice people”. - it’s polite enough for me for the good guys to identify themselves so you (the target) can worry less when you notice the activity. (btw, this reasoning applies also about crawls of content from the wayback machine.)
On Jun 19, 2022, at 10:45 AM, Forrest Christian (List Account) <lists () packetflux com> wrote: Correction... shadowserver.org <http://shadowserver.org/> They scan the entire ipv4 internet daily for select potential vulnerabilities. On Sun, Jun 19, 2022, 11:43 AM Forrest Christian (List Account) <lists () packetflux com <mailto:lists () packetflux com>> wrote: See shadowserver.net <http://shadowserver.net/> On Sun, Jun 19, 2022, 4:13 AM Ronald F. Guilmette <rfg () tristatelogic com <mailto:rfg () tristatelogic com>> wrote: I would like to solicit the opinions of network operators on the practice of scanning all of, or large chunks of the internet for known vulnerabilities. In earlier times, this was generally viewed as being distinctly anti-social behavior, but perhaps attitudes have changed relative to earlier eras. I would thus like to know how people feel about it now, in 2022. Regards, rfg P.S. Just to be clear, I personally have neither any desire nor any intent to undertake such activity myself, nor am I in communiacation with any party or parties that have such an intent or desire. I cannot however say that I am unaware of any parties that may currently be involved in such activities.
Current thread:
- Scanning the Internet for Vulnerabilities Ronald F. Guilmette (Jun 19)
- Re: Scanning the Internet for Vulnerabilities Jorge Amodio (Jun 19)
- Re: Scanning the Internet for Vulnerabilities Dovid Bender (Jun 19)
- Re: Scanning the Internet for Vulnerabilities Ronald F. Guilmette (Jun 19)
- Re: Scanning the Internet for Vulnerabilities Dovid Bender (Jun 19)
- Re: Scanning the Internet for Vulnerabilities John Kristoff (Jun 20)
- Re: Scanning the Internet for Vulnerabilities Ronald F. Guilmette (Jun 19)
- RE: Scanning the Internet for Vulnerabilities David Guo via NANOG (Jun 19)
- Re: Scanning the Internet for Vulnerabilities Randy Bush (Jun 19)
- Re: Scanning the Internet for Vulnerabilities Forrest Christian (List Account) (Jun 19)
- Re: Scanning the Internet for Vulnerabilities Forrest Christian (List Account) (Jun 19)
- Re: Scanning the Internet for Vulnerabilities Mark Seiden (Jun 19)
- Re: Scanning the Internet for Vulnerabilities Mark Seiden (Jun 19)
- Re: Scanning the Internet for Vulnerabilities Amreesh Phokeer (Jun 19)
- Re: Scanning the Internet for Vulnerabilities J. Hellenthal via NANOG (Jun 19)
- Re: Scanning the Internet for Vulnerabilities Mel Beckman (Jun 19)
- Re: Scanning the Internet for Vulnerabilities J. Hellenthal via NANOG (Jun 20)
- Re: Scanning the Internet for Vulnerabilities Carsten Bormann (Jun 20)
- Re: Scanning the Internet for Vulnerabilities Matt Palmer (Jun 20)
- Re: Scanning the Internet for Vulnerabilities Joe Maimon (Jun 20)
- Re: Scanning the Internet for Vulnerabilities bzs (Jun 21)
- Re: Scanning the Internet for Vulnerabilities John Curran (Jun 22)
- Re: Scanning the Internet for Vulnerabilities Forrest Christian (List Account) (Jun 19)