The main problem I have with those services is that there are so many of them. It may well be that there is some purpose in having research data available for some purposes, but at this time the amount of traffic for all that scanning from all those different companies and individuals that do it causes more traffic then the actual useful traffic by the users. When we would route that all into our radio network, it would overwhelm the network. If it would be only a single service that would be scanning at a responsible rate, I would have less of a problem with it.
Rob
On 1/24/23 23:26, Falcon Darkstar Momot via 44net wrote:
As someone who uses censys scans a lot when doing research, I'd be very sad to see more networks blocking censys (or wasting effort blocking port scans in general). I'm in network security and I don't bother to block these, even. Unless it's actually interfering in some way with your operations, it is completely harmless and allows us to answer questions about what kinds of things people are doing with the Internet.
On 2023-01-24 13:51, Rob PE1CHL via 44net wrote:
It is relatively easy to autoblock such scanners at a gateway due to the large address space that we have, and its relatively sparse use. Once you notice a lot of incoming traffic on unallocated subnets, you know it is from a scanner.
Rob