3 Jul
2017
3 Jul
'17
12:20 p.m.
However, there's quite a bit more insidious kind
of traffic. The Nagra
people (Kudelski Switzerland) are probing our network with false
NTP packets from the subnet 185.35.62.0/23. The comment in the RIPE
database is
inetnum: 185.35.62.0 - 185.35.63.255
descr: This IP network is used for Internet security research. Internet-scale
port scanning activities are launched from this network. Don't hesitate to
contactportscan at nagra.com <http://hamradio.ucsd.edu/mailman/listinfo/44net>
would you have any question.
I've added that subnet to the "security
research" blocking list here.
Seems it's a never-ending battle.
It sure is. 185.35.60.0/22 was already in the blocklist here, I have seen
"research" traffic from the bottom half of that network as well.
Rob
2698
days inactive
2698
days old
0 comments
1 participants
participants (1)
-
Rob Janssen