24 Jan
2023
24 Jan
'23
4:51 p.m.
It is relatively easy to autoblock such scanners at a gateway due to the large address
space that we have, and its relatively sparse use.
Once you notice a lot of incoming traffic on unallocated subnets, you know it is from a
scanner.
Rob
On 1/24/23 22:26, David Ranch via 44net wrote:
I was recently seeing a *lot* of scanning traffic from some of these censys-scanner.com
IPs on my AMPR subnet. Personally, I consider crap like this as an attack yet people and
companies think what they are doing is completely OK. Grrrr.. I imagine a lot of other
AMPR subnets are also getting scanned which I don't think is OK. Maybe we can get
their subnets BLOCKED at the UCSD Internet gateway?