On Mon, Jun 28, 2021 at 2:02 PM Doug McIntyre wrote:
>
> I'd say my public facing servers are under constant attack of some level
> of utility.
>
> Ie. my honeypot email servers collect 100k+ connections a day each,
> that don't have any MX pointing to them, their only sin is being up and
> liste
On Mon, Jun 28, 2021 at 07:42:11PM +0300, Nathaniel Ferguson wrote:
> I thought I'd add because it seems relevant and this is a pet peeve of my own,
> but with some notable exceptions-- anymore you can more or less think of a
> port
> scan as generally being a network diagnostic of some sort. Most
If you want to identify which peering links are sending you spoofed DDoS
amplification request traffic and which (Shadowserver identified) IPs in your
network the traffic is going to, please take a look at my Tattle Tale project:
https://github.com/racompton/tattle-tale
Identify which peers are
Great list.
ShadowServer is there twice on page 7. They must be noisy 😉
Jean
-Original Message-
From: NANOG On Behalf Of Hank
Nussbacher
Sent: June 28, 2021 2:50 PM
To: nanog@nanog.org
Subject: Re: shadowserver.org
> What is the difference between shodan.io and shadowserver.org ? Jea
What is the difference between shodan.io and shadowserver.org ? Jean
Just those 2? Greynoise maps them all. See an old preso from 2018:
https://www.slideshare.net/andrewwantsyou/identifying-and-correlating-internetwide-scan-traffic-to-newsworthy-security-events
See slide 7 for a 4 year old list
I haven't listened yet, but this seems interesting and relevant:
https://pca.st/episode/6c78d419-4414-4b95-8107-057effc20478
"In this edition of the Communicators, Andy Purdy, Chief Security Officer
of Huawei Technologies USA, discussed how the Biden Administration's tech
policies may present new
On Mon, 2021-06-28 at 13:04 -0400, Jean St-Laurent via NANOG wrote:
> What is the difference between shodan.io and shadowserver.org ?
At least in theory, for the former anyone that pays for the service (or
employs free credit) has access to the scan data, whereas for the
later, only the responsibl
On Mon, Jun 28, 2021 at 12:04 PM Jean St-Laurent wrote:
> What is the difference between shodan.io and shadowserver.org ?
In what regard? Both of those conduct frequent scans of the IPv4
internet. Neither of them attacks nor penetrates. The former may be
a more tailored scan.
Shodan's a for-
  28.06.2021, 18:25, "Jim" :They conduct probes and queries that are basically routinecommunications against IP Address Port pairs that have been routed onthe public internet. There is nothing I have seen / No evidence ofshadowserver specifcally ever conducting a penetration attempt orother actual
What is the difference between shodan.io and shadowserver.org ?
Jean
On 6/28/21 07:27, Fernando Gont via NANOG wrote:
In theory (at least), your ISP asked for it.
It appears to be opt-out. I don't think his ISP asked for it at all. His
ISP just hasn't asked them to stop.
--
Jay Hennigan - j...@west.net
Network Engineering - CCIE #7880
503 897-8550 - WB6RDV
On Mon, Jun 28, 2021 at 9:22 AM Tom Beecher wrote:
> Shadowserver is constantly doing all kinds of port scanning and penetration
> attempts globally, have been for many years.
They conduct probes and queries that are basically routine
communications against IP Address Port pairs that have been r
What happened on June 20/21? Looks like someone broke something on your
cable link or perhaps an ICMP rate limiting was introduced.
Josh Luthman
24/7 Help Desk: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Mon, Jun 28, 2021 at 10:45 AM Matt Hoppes <
mattli...@riv
I don't know how you can be embarrassed when you have a pretty solid
30ms ping constantly, and Starlink has jitter all over the place and
spikes as high as 280ms.
I'll take the DOCSIS3 system
On 6/25/21 8:49 PM, Eric Kuhnke wrote:
I thought I would post an interesting comparison between a
Hi!
On Fri, 25 Jun 2021 18:56:36 +0300, "Alex K." may
have written:
> Ah ... and one more thing. Gladly, it is not our (network folks) life's
> complicated. It's system/DBA/and security folks, lifes. But I don't want
> to get cocky. We got SDN :-)
Yet. Probably.
Ransomware gangs /do/ target inf
On Sun, 2021-06-27 at 23:19 -0400, Scott Aldrich wrote:
> Anyone have an idea how to get HE/ShadowServer,org servers to stop
> attempting to penetrate the comcast drop at my house?
>
> Their website claims altruism.. but my logs dont support that claim.
In theory (at least), your ISP asked for it
Shadowserver is constantly doing all kinds of port scanning and penetration
attempts globally, have been for many years.
On a residential connection as you describe, have something in place that
drops anything from them, and move on with your day.
On Mon, Jun 28, 2021 at 8:59 AM Scott Aldrich
On 28/06/2021 06:19, Scott Aldrich wrote:
Anyone have an idea how to get HE/ShadowServer,org servers to stop
attempting to penetrate the comcast drop at my house?
Their website claims altruism.. but my logs dont support that claim.
Scott
Scott,
Did you look at:
https://www.shadowserver.org/
> On Jun 28, 2021, at 5:19 AM, Scott Aldrich wrote:
>
> Anyone have an idea how to get HE/ShadowServer,org servers to stop
> attempting to penetrate the comcast drop at my house?
> Their website claims altruism.. but my logs dont support that claim.
I have no connection with Shadowserver, and
Anyone have an idea how to get HE/ShadowServer,org servers to stop
attempting to penetrate the comcast drop at my house?
Their website claims altruism.. but my logs dont support that claim.
Scott
In my humble opinion, the hidden assumption beneath this question seems to
be incorrect. Ransomware is not a single event, with assumed similarity to
the kind of failures, we regulary see at our network world.
The key abstruct differences, might be summed up as follows:
A. First and foremost, ran
I am on the board of MGMIX, if anyone needs anything, please reach out to
me and I will make sure it's addressed. I will of course look into the
email problem as well.
Reid
On Thu, Jun 24, 2021 at 8:30 AM Elmar K. Bins wrote:
> Hi Walt, folks,
>
> > Holt, Marcus
> > Has been and is a good con
22 matches
Mail list logo
