24 Jan
2023
24 Jan
'23
5:26 p.m.
As someone who uses censys scans a lot when doing research, I'd be very
sad to see more networks blocking censys (or wasting effort blocking
port scans in general). I'm in network security and I don't bother to
block these, even. Unless it's actually interfering in some way with
your operations, it is completely harmless and allows us to answer
questions about what kinds of things people are doing with the Internet.
On 2023-01-24 13:51, Rob PE1CHL via 44net wrote:
It is relatively easy to autoblock such scanners at a
gateway due to
the large address space that we have, and its relatively sparse use.
Once you notice a lot of incoming traffic on unallocated subnets, you
know it is from a scanner.
Rob
On 1/24/23 22:26, David Ranch via 44net wrote:
I was recently seeing a *lot* of scanning traffic from some of these
censys-scanner.com IPs on my AMPR subnet. Personally, I consider
crap like this as an attack yet people and companies think what they
are doing is completely OK. Grrrr.. I imagine a lot of other AMPR
subnets are also getting scanned which I don't think is OK. Maybe we
can get their subnets BLOCKED at the UCSD Internet gateway?
_______________________________________________
44net mailing list --44net(a)mailman.ampr.org
To unsubscribe send an email to44net-leave(a)mailman.ampr.org