> On Dec 7, 2017, at 9:14 PM, li...@lazygranch.com wrote:
>
> http://researchscan288.eecs.umich.edu/
> I never could find the research IP space and my email went unanswered.
> I just blocked the whole university. Link has the IP space as listed
> below:
> 141.212.121.0/24
> 141.212.122.0/24
Seems rather an overreaction. So a few bots scan your system now and then,
for socially beneficial research purposes[1]. Does it really make sense
to block an entire university to try to avoid this?
--
Viktor.
[1] Full disclosure, I perform DANE/DNSSEC adoption scans of as many
DNSSEC-validated domains I can find, currently ~5.1 million, making
connections to MX hosts that publish secure TLSA records (~4 thousand
MX hosts, covering ~174 thousand domains). Domain owners whose TLSA
records don't match reality are notified of any problems. Generally,
postmasters seem pleased to be notified and given the opportunity to
fix the problem in a timely manner. So I have some empathy for the
Michigan team, who are also by the way one of the sources from which
I gather domain names.
If some of you have deployed DANE TLSA records, but feel strongly
that I should exclude your domains from automated scans, please
drop me a note and I'll add your domains to my "ignore" list.
