btw, if you want to do this yourself, you might consider using something like
https://github.com/opsdisk/scantron > On Jun 19, 2022, at 11:17 AM, Mark Seiden <m...@seiden.com> wrote: > > greetings. > > it should be mentioned that shadowserver also notifies those who register as > the owners of that address space. > it’s very useful. (it would be more useful if they calculated diffs and > notified about changes/additions.) > > my thinking about this sort of thing, in general, is: > > - it depends on who’s doing it and why, and what they do with the information > (so what keeps you from doing it for the benefit of your less clueful > downstream customers?) > > - absolutely nothing prevents bad guys from doing it, so discouraging it fits > in the category of > “politeness rules only observed by nice people”. > > - it’s polite enough for me for the good guys to identify themselves so you > (the target) can worry > less when you notice the activity. > > (btw, this reasoning applies also about crawls of content from the wayback > machine.) > > > >> On Jun 19, 2022, at 10:45 AM, Forrest Christian (List Account) >> <li...@packetflux.com <mailto:li...@packetflux.com>> wrote: >> >> Correction... shadowserver.org <http://shadowserver.org/> >> >> They scan the entire ipv4 internet daily for select potential >> vulnerabilities. >> >> On Sun, Jun 19, 2022, 11:43 AM Forrest Christian (List Account) >> <li...@packetflux.com <mailto:li...@packetflux.com>> wrote: >> See shadowserver.net <http://shadowserver.net/> >> On Sun, Jun 19, 2022, 4:13 AM Ronald F. Guilmette <r...@tristatelogic.com >> <mailto:r...@tristatelogic.com>> wrote: >> I would like to solicit the opinions of network operators on the practice >> of scanning all of, or large chunks of the internet for known >> vulnerabilities. >> >> In earlier times, this was generally viewed as being distinctly anti-social >> behavior, but perhaps attitudes have changed relative to earlier eras. >> I would thus like to know how people feel about it now, in 2022. >> >> >> Regards, >> rfg >> >> >> P.S. Just to be clear, I personally have neither any desire nor any intent >> to undertake such activity myself, nor am I in communiacation with any party >> or parties that have such an intent or desire. I cannot however say that I >> am unaware of any parties that may currently be involved in such activities. >
