I'm not at all sure that Shodan is blocked on amprgw. There are more than 2,000 IP addresses that are blocked, with more being added from time to time, plus there are a number of tcp and udp destination ports that are blocked from all IP addresses, but there's no way to be sure that these lists include all Shodan and other scanners.
I have found that most opt-out forms are a waste of time, if indeed they don't have the opposite effect of inviting additional scanning. - Brian
On Fri, May 25, 2018 at 09:38:07AM +0200, Rob Janssen wrote:
especially before Shodan was blocked on AMPR...
Has Shodan been blocked on amprgw or have they been convinced to stop scanning AMPRnet? There are still various agressive scanners active from internet, and I have some scripts to automatically add them to a blocklist but it still is an ever increasing load on the network.
For example, "stretchoid.com" is an agressive scanner that changes addresses all the time (but does keep reverse-DNS records on their virtual servers so easy to identify).
They do have an opt-out form but it is a NOP. (I have completed it 3 times at 1-month intervals but no reply and no effect on the scanning... maybe Brian should try it as he is listed in the whois as the owner of NET44)
Of course there are others, like security.ipip.net and binaryedge.ninja. Plus the many many other scanners, "researchers", etc.
Rob