On 2026-06-14 at 19:32 -0400, postfix--- wrote: > >> 64.62.197.0/24 shadowserver.org > > It is useful security scanner > ... > > You can easily opt out > ... > > I think they do good work > ... > > legitimate, but noisy .. you can request they don't probe your > machines > > A lot of good words for them. HOWEVER: IMHO, the opt out model is > insufficient and unacceptable. Another signal. > > Too many "white hats." Some try to justify their stuff in their > whois/RDAP remarks. Some have some sort of TOKEN there. No idea > what it is. If someone cares to explain, I am curious. But it is > curiosity only. To me, the white hats are as much of a nuisance as > the black hats. Unless *I* decide that I want to hire/pay a white > hat.
Shadowserver is a non-profit foundation. They scan pretty much the whole internet, detecting vulnerable services. This information is provided free-of-charge to those than can fix it, basically network owners and national CSIRTs. They also operate honeypots and routinely collaborates with takedowns of malicious infrastructure, such as the recent AudiA6 cryptolaundering takedown by europol: https://www.europol.europa.eu/media-press/newsroom/news/ransomware-gangs-cut-eur-336-million-audia6-crypto-laundering-pipeline _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
