On Mon, Jun 28, 2021 at 2:02 PM Doug McIntyre wrote:
>
> I'd say my public facing servers are under constant attack of some level
> of utility.
>
> Ie. my honeypot email servers collect 100k+ connections a day each,
> that don't have any MX pointing to them, their only sin is being up and
> liste
On Mon, Jun 28, 2021 at 07:42:11PM +0300, Nathaniel Ferguson wrote:
> I thought I'd add because it seems relevant and this is a pet peeve of my own,
> but with some notable exceptions-- anymore you can more or less think of a
> port
> scan as generally being a network diagnostic of some sort. Most
e noisy 😉
Jean
-Original Message-
From: NANOG On Behalf Of Hank
Nussbacher
Sent: June 28, 2021 2:50 PM
To: nanog@nanog.org
Subject: Re: shadowserver.org
> What is the difference between shodan.io and shadowserver.org ? Jean
Just those 2? Greynoise maps them all.
Great list.
ShadowServer is there twice on page 7. They must be noisy 😉
Jean
-Original Message-
From: NANOG On Behalf Of Hank
Nussbacher
Sent: June 28, 2021 2:50 PM
To: nanog@nanog.org
Subject: Re: shadowserver.org
> What is the difference between shodan.io and shadowserver.
What is the difference between shodan.io and shadowserver.org ? Jean
Just those 2? Greynoise maps them all. See an old preso from 2018:
https://www.slideshare.net/andrewwantsyou/identifying-and-correlating-internetwide-scan-traffic-to-newsworthy-security-events
See slide 7 for a 4 year old list
On Mon, 2021-06-28 at 13:04 -0400, Jean St-Laurent via NANOG wrote:
> What is the difference between shodan.io and shadowserver.org ?
At least in theory, for the former anyone that pays for the service (or
employs free credit) has access to the scan data, whereas for the
later, only the responsibl
On Mon, Jun 28, 2021 at 12:04 PM Jean St-Laurent wrote:
> What is the difference between shodan.io and shadowserver.org ?
In what regard? Both of those conduct frequent scans of the IPv4
internet. Neither of them attacks nor penetrates. The former may be
a more tailored scan.
Shodan's a for-
  28.06.2021, 18:25, "Jim" :They conduct probes and queries that are basically routinecommunications against IP Address Port pairs that have been routed onthe public internet. There is nothing I have seen / No evidence ofshadowserver specifcally ever conducting a penetration attempt orother actual
What is the difference between shodan.io and shadowserver.org ?
Jean
On 6/28/21 07:27, Fernando Gont via NANOG wrote:
In theory (at least), your ISP asked for it.
It appears to be opt-out. I don't think his ISP asked for it at all. His
ISP just hasn't asked them to stop.
--
Jay Hennigan - j...@west.net
Network Engineering - CCIE #7880
503 897-8550 - WB6RDV
On Mon, Jun 28, 2021 at 9:22 AM Tom Beecher wrote:
> Shadowserver is constantly doing all kinds of port scanning and penetration
> attempts globally, have been for many years.
They conduct probes and queries that are basically routine
communications against IP Address Port pairs that have been r
On Sun, 2021-06-27 at 23:19 -0400, Scott Aldrich wrote:
> Anyone have an idea how to get HE/ShadowServer,org servers to stop
> attempting to penetrate the comcast drop at my house?
>
> Their website claims altruism.. but my logs dont support that claim.
In theory (at least), your ISP asked for it
Shadowserver is constantly doing all kinds of port scanning and penetration
attempts globally, have been for many years.
On a residential connection as you describe, have something in place that
drops anything from them, and move on with your day.
On Mon, Jun 28, 2021 at 8:59 AM Scott Aldrich
On 28/06/2021 06:19, Scott Aldrich wrote:
Anyone have an idea how to get HE/ShadowServer,org servers to stop
attempting to penetrate the comcast drop at my house?
Their website claims altruism.. but my logs dont support that claim.
Scott
Scott,
Did you look at:
https://www.shadowserver.org/
> On Jun 28, 2021, at 5:19 AM, Scott Aldrich wrote:
>
> Anyone have an idea how to get HE/ShadowServer,org servers to stop
> attempting to penetrate the comcast drop at my house?
> Their website claims altruism.. but my logs dont support that claim.
I have no connection with Shadowserver, and
15 matches
Mail list logo
