Of course, most Internet probing systems SHOULD have full transparency,
and of course not probe any IPs at abnormal or high rates without
considering the destination.
My opinion, if they aren't transparent with their dealings, including
PTR's, URLs', User Agents, HELO, and of course 'rwhois', then yes..
If I don't know who they are, and can't contact them to find out, then
block them. That does for any email 'validators', or probes of any
type. If Shodan wasn't transparent, I would block them too..
This is irrespective of what hosting company they are using. (Just take
a look at all of the anonymous ones coming from Azure and AWS)
But, if they aren' abusive, and they are transparent, then hey.. if it
doesn't hurt, why worry..
On 2022-05-06 09:16, L. Mark Stone via mailop wrote:
Good Morning,
Asking if anyone has had experience with internet-research-project.net please?
They have no apparent web presence, so no straightforward way to contact them.
Linode hosts this allegedly legitimate security researcher, and my mail systems logs are
full of connections from a large number of IPs like
"cloud-scanner-17c84c24.internet-research-project.net" where the server just
drops the connection without attempting authentication. Looks like a port probe.
I opened up a support case with Linode; they said their Trust & Security team
feels their customer is doing legitimate security research. I responded that I
thought it was a violation of the Computer Fraud and Abuse Act of 1986 (as
amended), as we have never authorized any third party to access our systems for
anything other than sending legal email to our customers.
Linode said if I gave Linode all of my servers' IP addresses, they would pass
them on to internet-reserach-project.net with a request that they not probe my
IPs any longer (I declined). I responded asking for all of the IPs
internet-research-project.net uses so I can block them on my firewall (Linode
declined).
So before I start blocking all of the Linode networks from which this traffic
originates, I thought I should ask here to see if anyone else has had
experience with this internet-research-project.net organization.
I used to host at Linode. I thought they were pretty good a few years ago, with
great customer service and solid hosting at the time.
Any insights/suggestions/etc. are greatly appreciated.
Thanks in advance,
Mark
_________________________________________________________________
L. Mark Stone, Founder
Mission Critical Email LLC
North America's Leading Zimbra VAR/BSP/Training Partner
For Companies With Mission-Critical Email Needs
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
