[44net] Re: Request: Blocking censys-scanner.com scans on AMPR subnets

It is relatively easy to autoblock such scanners at a gateway due to the large address space that we have, and its relatively sparse use. Once you notice a lot of incoming traffic on unallocated subnets, you know it is from a scanner.

Rob

On 1/24/23 22:26, David Ranch via 44net wrote:

I was recently seeing a *lot* of scanning traffic from some of these censys-scanner.com IPs on my AMPR subnet.  Personally, I consider crap like this as an attack yet people and companies think what they are doing is completely OK.  Grrrr..  I imagine a lot of other AMPR subnets are also getting scanned which I don't think is OK.  Maybe we can get their subnets BLOCKED at the UCSD Internet gateway?