10 May
2017
10 May
'17
5:37 p.m.
On Wed, May 10, 2017 at 11:42:27PM +0200, Rob Janssen wrote:
I have a static blocking table that has the addresses
of shodan.io and
other miscreants of this world, and the "research institutes" that consider
it research to scan other people's networks to map out vulnerabilities
etc. That includes 169.228.66.91 and 169.228.66.138 but there are lots
of others so no need to get worried.
Well, yes, I find the first of those two machines you list to be
professionally somewhat embarrasing, as I'm the sysadmin for it.
I'm informed that the research they're doing was approved by the
relevant review groups, and that upon request they'll block probes to
your addresses, but I'm still not very happy about it. The second one
runs a wall display in the department, it shouldn't be probing anything.
It's a reassigned machine, so perhaps a previous user of that machine
was doing some research scanning too. Sorry about that.
- Brian