Re:

2022-06-20 Thread Michel Blais
Several seem to use OpenBSD with OpenBGP and BGPLG.


On Mon, Jun 20, 2022 at 17:08, J. Hellenthal via NANOG wrote:

> It's not about what you use as opposed more of where it's used from.
>
> --
>  J. Hellenthal
>
> The fact that there's a highway to Hell but only a stairway to Heaven says
> a lot about anticipated traffic volume.
>
> On Jun 20, 2022, at 13:47, Josh Luthman 
> wrote:
>
> 
> I use Cogent: https://www.cogentco.com/en/looking-glass and HE which is
> easier to remember: https://lg.he.net/
>
> On Mon, Jun 20, 2022 at 9:56 AM Glenn Kelley 
> wrote:
>
>> Good Monday Morning Everyone.
>>
>> Quick Question:
>>
>> What is everyone's favorite software for running a looking glass.
>>
>> A friend asked me this over the weekend - and while there are others
>> available on the internet to use - it would be helpful for them to run one
>> within their own network.
>>
>> It has been a while since i have played setting one up so figured might
>> as well ask
>>
>>
>> *Glenn S. Kelley, *Connectivity.Engineer
>> Text and Voice Direct:  740-206-9624
>>
>>
>>
>>


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Randy Bush
> To what extent and to whom will you authorize to do that? 100 random
> college students? X number of new security firms? At some point it
> will break.

definitely not raging nanog vigilantes :)

randy


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Randy Bush
> For example I've gotten email in the past that some of my servers were
> running ntp in a way which makes them vuln to being used for DDoS
> amplification and, I believe, fixed that. I didn't mind.

that was a really well done campaign.  i thanked them profusely.

randy


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Joe Maimon




Matt Palmer wrote:
> On Mon, Jun 20, 2022 at 02:18:30AM +, Mel Beckman wrote:
>> When researchers, or whoever, claim their scanning an altruistic service,
>> I ask them if they would mind someone coming to their home and trying to
>> open all the doors and windows every night.
>
> If there were a few hundred people with nefarious intent trying to open your
> doors and windows every night, someone doing the same thing with altruistic
> intent might not be such a bad thing.
>
> - Matt



Y'all seem to be saying the same thing.

So long as it blends into the general IPv4 background radiation, all good.

Joe


Re: Test email

2022-06-20 Thread Glenn Kelley
Sir - that so sounds like the move of a Cogent rep

ha ha


*Glenn S. Kelley*


On Mon, Jun 20, 2022 at 10:48 AM J. Hellenthal via NANOG 
wrote:

>
> This is like setting a read-receipt-to: to a mailing list. The results
> are phenom !
>
> But on the other hand you get a nice handy list of replies that say "did
> not read" ;) leaking their address as a member.
>
> Done this by accident myself :(
>
> On Mon, Jun 20, 2022 at 02:11:50AM -0600, h...@interall.co.il wrote:
> >
> > Hello,
> >
> > Checking Email Functionality.
> >
> > Hosting Support
> > Thank you,
>
> --
> The fact that there's a Highway to Hell but only a Stairway to Heaven says
> a lot about anticipated traffic volume.
>


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Matt Palmer
On Mon, Jun 20, 2022 at 02:18:30AM +, Mel Beckman wrote:
> When researchers, or whoever, claim their scanning an altruistic service,
> I ask them if they would mind someone coming to their home and trying to
> open all the doors and windows every night.

If there were a few hundred people with nefarious intent trying to open your
doors and windows every night, someone doing the same thing with altruistic
intent might not be such a bad thing.

- Matt



Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread J. Hellenthal via NANOG


To what extent and to whom will you authorize to do that? 100 random college 
students? X number of new security firms? At some point it will break.

-- 
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a 
lot about anticipated traffic volume.

> On Jun 20, 2022, at 17:04, b...@theworld.com wrote:
> 
> 
> It seems to me there's vulnerability testing and there's vulnerability
> testing and just lumping them all together motivates disparate
> opinions.
> 
> For example it's one thing to perhaps see if home routers
> login/passwords are admin/admin or similar, or if systems seem to be
> vuln to easily exploitable bugs and reporting such problems to someone
> in charge versus, say, hammering at some network to see when/if DDoS
> mitigation kicks in.
> 
> For example I've gotten email in the past that some of my servers were
> running ntp in a way which makes them vuln to being used for DDoS
> amplification and, I believe, fixed that. I didn't mind.
> 
> Anyhow, you all probably get my point without further hypotheticals or
> examples.
> 
> Scanning for known vulns and reporting can be ok, testing to
> destruction? Not so much.
> 
> -- 
>-Barry Shein
> 
> Software Tool & Die| b...@theworld.com | 
> http://www.TheWorld.com
> Purveyors to the Trade | Voice: +1 617-STD-WRLD   | 800-THE-WRLD
> The World: Since 1989  | A Public Information Utility | *oo*


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Robert L Mathews

On 6/20/22 12:24 PM, Matthew Craig wrote:
> The intent behind vulnerability scans is good, however the majority of
> DOS attacks that my networks encounter these days are from cybersecurity
> organizations conducting cybersecurity research.


Yeah. The unwritten rule of this is "if you're going to do it, do it 
gently enough that the person receiving it doesn't notice".


If the load average on my server goes up by 20 because you've opened 20 
simultaneous HTTP connections and you're sending nonstop requests on all 
of them for thousands of random filenames that don't exist (but which 
each cause a PHP script to run), I'm not going to appreciate it.


Same if you send tens of thousands of TCP SYNs a second so you can 
quickly scan all possible ports of hundreds of IP addresses.


If I don't even notice it, though, I'm unlikely to be bothered to object 
to it.


--
Robert L Mathews
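
A receiving operator can look for the two patterns described in the message above with a few lines of log analysis. The following is an added example, not code from the thread or from any poster; the log lines, flow records, IP addresses and thresholds are constructed assumptions, and the access log is assumed to be in time order.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Simplified combined-log-format matcher: client IP, timestamp, path, status.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def build_sample_log():
    """Constructed sample: 198.51.100.7 requests 40 nonexistent .php paths in
    four seconds; 203.0.113.9 is an ordinary visitor with a single 404."""
    lines = []
    for i in range(40):
        sec = i // 10  # ten requests per second
        lines.append(
            f'198.51.100.7 - - [20/Jun/2022:12:00:{sec:02d} +0000] '
            f'"GET /probe{i}.php HTTP/1.1" 404 0'
        )
    lines.append('203.0.113.9 - - [20/Jun/2022:12:00:01 +0000] '
                 '"GET /index.php HTTP/1.1" 200 512')
    lines.append('203.0.113.9 - - [20/Jun/2022:12:00:30 +0000] '
                 '"GET /favicon.ico HTTP/1.1" 404 0')
    lines.append('this line is malformed and must be skipped')
    return lines


def find_404_enumerators(lines, window_s=10, min_distinct=25):
    """Return client IPs that received 404 for at least min_distinct different
    paths inside any window_s-second sliding window (thresholds are assumed)."""
    recent = defaultdict(deque)  # ip -> deque of (timestamp, path)
    flagged = set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["status"] != "404":
            continue  # skip unparsable lines and anything that was found
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z").timestamp()
        q = recent[m["ip"]]
        q.append((ts, m["path"]))
        while q and ts - q[0][0] > window_s:
            q.popleft()  # drop entries that fell out of the window
        if len({path for _, path in q}) >= min_distinct:
            flagged.add(m["ip"])
    return flagged


def build_sample_syns():
    """Constructed SYN records (epoch_second, src, dst, dst_port): one source
    touches 400 ports on each of 5 hosts within a single second."""
    syns = [(0, "198.51.100.7", f"192.0.2.{h}", p)
            for h in range(1, 6) for p in range(1, 401)]
    syns += [(s, "203.0.113.9", "192.0.2.1", 443) for s in range(5)]
    return syns


def find_syn_sweepers(syns, min_targets_per_s=1000):
    """Return sources whose SYNs hit at least min_targets_per_s distinct
    (destination, port) pairs within one second (threshold is assumed)."""
    targets = defaultdict(set)  # (src, second) -> {(dst, port)}
    for sec, src, dst, port in syns:
        targets[(src, int(sec))].add((dst, port))
    return {src for (src, _), seen in targets.items()
            if len(seen) >= min_targets_per_s}


if __name__ == "__main__":
    print("404 enumeration:", sorted(find_404_enumerators(build_sample_log())))
    print("SYN sweep:", sorted(find_syn_sweepers(build_sample_syns())))
```

Counting distinct paths and distinct (destination, port) pairs, rather than raw request volume, keeps a busy legitimate client that repeats the same few requests from being flagged.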


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread bzs


It seems to me there's vulnerability testing and there's vulnerability
testing and just lumping them all together motivates disparate
opinions.

For example it's one thing to perhaps see if home routers
login/passwords are admin/admin or similar, or if systems seem to be
vuln to easily exploitable bugs and reporting such problems to someone
in charge versus, say, hammering at some network to see when/if DDoS
mitigation kicks in.

For example I've gotten email in the past that some of my servers were
running ntp in a way which makes them vuln to being used for DDoS
amplification and, I believe, fixed that. I didn't mind.

Anyhow, you all probably get my point without further hypotheticals or
examples.

Scanning for known vulns and reporting can be ok, testing to
destruction? Not so much.

-- 
-Barry Shein

Software Tool & Die| b...@theworld.com | http://www.TheWorld.com
Purveyors to the Trade | Voice: +1 617-STD-WRLD   | 800-THE-WRLD
The World: Since 1989  | A Public Information Utility | *oo*


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Carsten Bormann
On 2022-06-20, at 23:02, Mel Beckman  wrote:
> 
> Carsten,
> 
> The discussion is not getting far afield: it’s on point. And it’s a hugely 
> germane topic for network operators. 
> 
> Regarding your claim “You consented to receiving packets when connecting to 
> the Internet”, I counter with what is in virtually every ISP’s AUP for 
> customers: Unauthorized port scanning is expressly prohibited. 

Of course they don’t want their customers to do that.
(They might find out that the ISP is cooking with water…)
I’m not your customer, though.

> I strongly suspect that this is probably also a violation of the U.S. 
> Computer Abuse and Fraud Act, which criminalizes anyone who “Intentionally 
> accesses a computer without authorization or exceeds authorized access, and 
> thereby obtains … information from any protected computer.” A great many VA 
> plug-ins attempt to — and often do — extract information they’re not 
> authorized to. 

You would think so, but then it turns out the CFAA is not actually being 
policed in the way you think it should be.

(The whole thing is a bit of a “soviet law" situation, where everyone is 
routinely doing things that could theoretically be criminalized, but aren’t, 
except when some thug is exceptionally interested in doing so and can thus 
abuse the law to exert unreasonable power over you.)

So CFAA is more a case of us logical people trying to interpret a law that 
clearly is not subject to applying logic.

In any case, I’d argue I’m concludently authorized by you having opened to my 
access that port I’m probing — the computer simply isn’t “protected”.

.oOo.

I can understand very well that everyone here is allergic to the large-scale 
scanners (most of which are done in a spectacularly stupid way) that are 
loading our servers.  That problem is not being solved by banning 
well-thought-out academic research; you wouldn’t be able to note the difference 
if that stopped.

(Oh, and, as a service, our ISP scans our ports and looks for vulns, which is a 
good service so we don’t have to do this as much for systems set up by our 
students.)

Grüße, Carsten



Re:

2022-06-20 Thread J. Hellenthal via NANOG
It's not about what you use as opposed more of where it's used from.

-- 
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a 
lot about anticipated traffic volume.

> On Jun 20, 2022, at 13:47, Josh Luthman  wrote:
> 
> 
> I use Cogent: https://www.cogentco.com/en/looking-glass and HE which is 
> easier to remember: https://lg.he.net/
> 
>> On Mon, Jun 20, 2022 at 9:56 AM Glenn Kelley  
>> wrote:
>> Good Monday Morning Everyone. 
>> 
>> Quick Question: 
>> 
>> What is everyone's favorite software for running a looking glass. 
>> 
>> A friend asked me this over the weekend - and while there are others 
>> available on the internet to use - it would be helpful for them to run one 
>> within their own network. 
>> 
>> It has been a while since i have played setting one up so figured might as 
>> well ask 
>> 
>> 
>> Glenn S. Kelley, Connectivity.Engineer 
>> Text and Voice Direct:  740-206-9624
>> 
>> 
>> 


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Mel Beckman
Carsten,

The discussion is not getting far afield: it’s on point. And it’s a hugely 
germane topic for network operators. 

Regarding your claim “You consented to receiving packets when connecting to the 
Internet”, I counter with what is in virtually every ISP’s AUP for customers: 
Unauthorized port scanning is expressly prohibited. 

In fact, when I Google that precise phrase along with “Acceptable Use Policy” I 
get thousands of hits. 

I strongly suspect that this is probably also a violation of the U.S. Computer 
Abuse and Fraud Act, which criminalizes anyone who “Intentionally accesses a 
computer without authorization or exceeds authorized access, and thereby 
obtains … information from any protected computer.” A great many VA plug-ins 
attempt to — and often do — extract information they’re not authorized to. 

-mel

> On Jun 20, 2022, at 1:11 PM, Carsten Bormann  wrote:
> 
> On 2022-06-20, at 19:36, goemon--- via NANOG  wrote:
>> 
>> On Mon, 20 Jun 2022, Carsten Bormann wrote:
>>>> On 2022-06-20, at 14:14, J. Hellenthal wrote:
>>>> Yeah that's another thing, "research" cause you need to learn it let's 
>>>> have them do it too, multiply that by every university \o/
>>> there was some actual research involved.
>>> 
>>> I agree that there should be a very good reason to expend a tiny bit of 
>>> everyone’s resources on this.
>>> 
>>> I do not agree that this externality makes any research in this space 
>>> unethical.
>> 
>> Consent is what makes it unethical.
> 
> You consented to receiving packets by connecting to the Internet.
> 
> Now there is a limit to that consent (e.g., when these packets have an actual 
> material negative effect), and here we enter an area where all simple 
> schematic approaches fail — you really have to think about outcomes instead 
> of expounding fundamentalist stances.
> 
>>> You signed up for this when you joined the Internet (er, stuck with the 
>>> IPv4 Internet, I should probably say).
>> 
>> "If you don't like the unsolicited email, just hit delete" ?
>> 
>> How about ... NO.
> 
> How about: It’s really hard to properly apply analogies.
> 
> Unsolicited email wastes people’s time, and actually a lot of that.
> (Responsibly performed) packet probes waste machine time, and very little so.
> (If you are wasting human time on packet probes, you are holding it wrong.)
> Totally different outcome, and hence totally different ethics.
> 
> This “discussion" is getting a bit off-topic.
> 
> Grüße, Carsten
> 


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Carsten Bormann
On 2022-06-20, at 19:36, goemon--- via NANOG  wrote:
> 
> On Mon, 20 Jun 2022, Carsten Bormann wrote:
>>> On 2022-06-20, at 14:14, J. Hellenthal  wrote:
>>> Yeah that's another thing, "research" cause you need to learn it let's have 
>>> them do it too, multiply that by every university \o/
>> there was some actual research involved.
>> 
>> I agree that there should be a very good reason to expend a tiny bit of 
>> everyone’s resources on this.
>> 
>> I do not agree that this externality makes any research in this space 
>> unethical.
> 
> Consent is what makes it unethical.

You consented to receiving packets by connecting to the Internet.

Now there is a limit to that consent (e.g., when these packets have an actual 
material negative effect), and here we enter an area where all simple schematic 
approaches fail — you really have to think about outcomes instead of expounding 
fundamentalist stances.

>> You signed up for this when you joined the Internet (er, stuck with the IPv4 
>> Internet, I should probably say).
> 
> "If you don't like the unsolicited email, just hit delete" ?
> 
> How about ... NO.

How about: It’s really hard to properly apply analogies.

Unsolicited email wastes people’s time, and actually a lot of that.
(Responsibly performed) packet probes waste machine time, and very little so.
(If you are wasting human time on packet probes, you are holding it wrong.)
Totally different outcome, and hence totally different ethics.

This “discussion" is getting a bit off-topic.

Grüße, Carsten



Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread nanog08
Hey - I have a neat new idea...  Let's test the structure of levees by 
flooding the rivers and seeing what levees don't survive.


Geoff


On 6/20/22 07:46, Mel Beckman wrote:
> Carsten,
>
> No, it’s more like 50,000 furnace guys who show up several times a 
> day to rattle doorknobs, attempt to push slim Jim’s into window 
> latches, hack your garage door opener, sneak into your back garden, 
> and fly drones around your home to see what valuables you might have. 
> Yes, some of them are altruistic, but some are self-righteous 
> officious boobs, and the vast majority are career criminals that will 
> rob your house, drain your retirement account, and kill your family 
> with a spoofed SWAT raid.
>
> -mel beckman
>
>> On Jun 20, 2022, at 4:20 AM, Carsten Bormann wrote:
>> On 2022-06-20, at 04:18, Mel Beckman wrote:
>>> When researchers, or whoever, claim their scanning an altruistic 
>>> service, I ask them if they would mind someone coming to their home 
>>> and trying to open all the doors and windows every night.
>>
>> Well, it is more like the guy who comes once a year and checks that 
>> your central heating is not going to blow up.
>>
>> (Disclaimer: I have supervised students who designed and executed 
>> benign mass-scans of the IPv4 Internet in order to validate 
>> hypotheses about market penetration of certain security updates, and 
>> I definitely would do that again if there is a good reason to perform 
>> such a scan.)
>>
>> Grüße, Carsten





Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Mel Beckman
Randy,

Great idea! And bill the taxpayers!

-mel via cell

> On Jun 20, 2022, at 11:55 AM, Randy Bush  wrote:
> 
> 
>> 
>> I treat these folk with the same respect they afford me. Not once in
>> 30 years of having a connected network (v4 or v6) has any entity asked
>> "is it OK if we .. ?".
> 
> how strange, considering you are replying to a thread doing so.
> 
> fwiw, i appreciate vuln scanners.  i do not have the hubris or tools to
> think i run a flawless network or servers.
> 
> randy


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Matthew Craig

The intent behind vulnerability scans is good, however the majority of DOS 
attacks that my networks encounter these days are from cybersecurity 
organizations conducting cybersecurity research.

Funding requests for DOS mitigation solutions to protect my networks from 
cybersecurity researchers are not taken seriously.




-
Matt








On Jun 20, 2022, at 12:55 PM, Randy Bush wrote:


>> I treat these folk with the same respect they afford me. Not once in
>> 30 years of having a connected network (v4 or v6) has any entity asked
>> "is it OK if we .. ?".
>
> how strange, considering you are replying to a thread doing so.
>
> fwiw, i appreciate vuln scanners.  i do not have the hubris or tools to
> think i run a flawless network or servers.
>
> randy




Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Randy Bush
> I treat these folk with the same respect they afford me. Not once in
> 30 years of having a connected network (v4 or v6) has any entity asked
> "is it OK if we .. ?".

how strange, considering you are replying to a thread doing so.

fwiw, i appreciate vuln scanners.  i do not have the hubris or tools to
think i run a flawless network or servers.

randy


Re: Congrats to AS701

2022-06-20 Thread John Von Essen
Philly suburbs here, v6 is live for me. At home I use an Orbi router, just 
enabled v6 with autoconfig and got a native v6 WAN. So far looks good. Had to 
manually configure v6 DNS though.

The only downside is the geolocation of my v6 IP is pretty bad.

John

Sent from my iPhone
> On Jun 16, 2022, at 9:45 AM, Jamie Bowden via NANOG  wrote:
> 
> 
> I had to log in to my FiOS provided CPE (Verizon Quantum Gateway) and enable 
> IPv6.  It’s off by default. 
>  
> This is what I see in Reston, VA:
>  
> Ethernet adapter Ethernet:
>  
>Connection-specific DNS Suffix  . : fios-router.home
>Description . . . . . . . . . . . : Intel(R) Ethernet Connection I217-LM
>Physical Address. . . . . . . . . : 6C-C2-17-EE-EE-6D
>DHCP Enabled. . . . . . . . . . . : Yes
>Autoconfiguration Enabled . . . . : Yes
>IPv6 Address. . . . . . . . . . . : 
> 2600:4040:2b48:ce00:25e4:9527:2f2b:e571(Preferred)
>Temporary IPv6 Address. . . . . . : 
> 2600:4040:2b48:ce00:3411:b0a4:e9e7:e28f(Preferred)
>Link-local IPv6 Address . . . . . : fe80::25e4:9527:2f2b:e571%18(Preferred)
>IPv4 Address. . . . . . . . . . . : 192.168.2.146(Preferred)
>Subnet Mask . . . . . . . . . . . : 255.255.255.0
>Lease Obtained. . . . . . . . . . : Thursday, June 16, 2022 8:48:52 AM
>Lease Expires . . . . . . . . . . : Friday, June 17, 2022 8:48:51 AM
>Default Gateway . . . . . . . . . : fe80::4a5d:36ff:fecc:fe42%18
>192.168.2.254
>DHCP Server . . . . . . . . . . . : 192.168.2.254
>DHCPv6 IAID . . . . . . . . . . . : 57459223
>DHCPv6 Client DUID. . . . . . . . : 
> 00-01-00-01-23-20-9D-C9-6C-C2-17-EE-EE-6D
>DNS Servers . . . . . . . . . . . : 2600:4040:2b48:ce00::1
>192.168.2.254
>2600:4040:2b48:ce00::1
>NetBIOS over Tcpip. . . . . . . . : Enabled
>Connection-specific DNS Suffix Search List :
>fios-router.home
>  
> My Netgear router/WAP is set to autodetect IPv6 and sees it as passthrough.  
> IPv4 is double NAT, but I have the v4 interface on the Netgear set to a 
> static IP and the Verizon router is configured to treat that address as a DMZ 
> and passes all traffic directly to it (theoretically unmolested).  I used to 
> have it set to bridge mode for that port so it was only a single NAT, but 
> every time the VZ supplied router rebooted, I’d have to manually go back and 
> fix it, so I compromised and set as a DMZ instead.
>  
> In the interest of not putting my house directly on the internet without 
> protection, I do have all v6 traffic using the FiOS router’s firewall since 
> I’m not convinced that the Netgear is properly firewalling that traffic due 
> to the mode.
>  
> Thanks,
> --
> Jamie Bowden
> Senior Computer Network Technologist II
> 
> O: +1 703.842.3848
> C: +1 703.403.9745
> jamie.s.bow...@raytheon.com
> jamie.s.bow...@rtx.com
> 
> Raytheon Intelligence & Space
> Digital Technology
> 1100 Wilson Blvd.
> Suite 2000
> Arlington, VA 22209
>  
> RTX.com | LinkedIn | Twitter | Instagram
>  
> Upcoming PTO:
>  
> June 22, 2022
> July 4-8, 2022
>  
> From: NANOG  On Behalf 
> Of Christopher Morrow
> Sent: Saturday, June 11, 2022 10:05 PM
> To: nanog list 
> Subject: [External] Fwd: Congrats to AS701
>  
>  
> Looks like FIOS customers may be getting ipv6 deployed toward them, finally:
> 
> ifconfig snippet from local machine:
> inet6 2600:4040:2001:2200:73d2:6bcc:1e6b:43a1  prefixlen 64  scopeid 
> 0x0
> inet6 2600:4040:2001:2200:e87:bf36:b6cb:6ce1  prefixlen 64  scopeid 
> 0x0
>  
> ping attempt:
>   64 bytes from bh-in-f106.1e100.net (2607:f8b0:4004:c09::6a): icmp_seq=1 
> ttl=59 time=8.71 ms
>  
> 8ms from mclean, va to ashburn, va isn't wondrous, but at least it's ipv6 
> (and marginally faster than ipv4)
>  
> Congrats to the 701 folk for deploying more widely!
>   (note: I don't know exactly when this started, nor how wide it really is, 
> but progress here is welcomed by myself at least :) )
> -chris


Re:

2022-06-20 Thread Glenn Kelley
Josh - there are a ton of public looking glass servers.
The idea here was to run their own.
which then gives them the ability to see things from their networks
perspective a bit easier.


*Glenn S. Kelley, *Connectivity.Engineer
Text and Voice Direct:  740-206-9624




On Mon, Jun 20, 2022 at 2:45 PM Josh Luthman 
wrote:

> I use Cogent: https://www.cogentco.com/en/looking-glass and HE which is
> easier to remember: https://lg.he.net/
>
> On Mon, Jun 20, 2022 at 9:56 AM Glenn Kelley 
> wrote:
>
>> Good Monday Morning Everyone.
>>
>> Quick Question:
>>
>> What is everyone's favorite software for running a looking glass.
>>
>> A friend asked me this over the weekend - and while there are others
>> available on the internet to use - it would be helpful for them to run one
>> within their own network.
>>
>> It has been a while since i have played setting one up so figured might
>> as well ask
>>
>>
>> *Glenn S. Kelley, *Connectivity.Engineer
>> Text and Voice Direct:  740-206-9624
>>
>>
>>
>>


Re:

2022-06-20 Thread Josh Luthman
I use Cogent: https://www.cogentco.com/en/looking-glass and HE which is
easier to remember: https://lg.he.net/

On Mon, Jun 20, 2022 at 9:56 AM Glenn Kelley 
wrote:

> Good Monday Morning Everyone.
>
> Quick Question:
>
> What is everyone's favorite software for running a looking glass.
>
> A friend asked me this over the weekend - and while there are others
> available on the internet to use - it would be helpful for them to run one
> within their own network.
>
> It has been a while since i have played setting one up so figured might as
> well ask
>
>
> *Glenn S. Kelley, *Connectivity.Engineer
> Text and Voice Direct:  740-206-9624
>
>
>
>


Dell Enterprise OS10 'aaa authorization'

2022-06-20 Thread Drew Weaver
Hello,

Happy holiday.

I am sure that I will eventually figure this out on my own but if anyone has 
already gone through the effort to figure it out I would appreciate any notes 
you can give me.

I am using tac_plus to AAA against a S5248F-ON running Dell OS10E 10.5.0.1P1

I noticed that when configuring this switch I see:

5248(config)# aaa
  accounting   Configure AAA accounting
  authentication   To configure AAA Authentication

There doesn't appear to be any understanding of the authorization mechanism 
(you know, to control which commands users can run once they connect to the 
device).

Does anyone off-hand know how you configure the authorization mechanism in 
OS10E?

If for whatever reason this is impossible, how did you create a user that can 
*only* do what is required by RANCID to back up the configuration on these 
devices?

Thanks,
-Drew





Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread goemon--- via NANOG

On Mon, 20 Jun 2022, Carsten Bormann wrote:
>> On 2022-06-20, at 14:14, J. Hellenthal wrote:
>> Yeah that's another thing, "research" cause you need to learn it let's have 
>> them do it too, multiply that by every university \o/
>
> there was some actual research involved.
>
> I agree that there should be a very good reason to expend a tiny bit of 
> everyone’s resources on this.
>
> I do not agree that this externality makes any research in this space unethical.

Consent is what makes it unethical.

> You signed up for this when you joined the Internet (er, stuck with the IPv4 
> Internet, I should probably say).

"If you don't like the unsolicited email, just hit delete" ?

How about ... NO.

-Dan


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread J. Hellenthal via NANOG
On Mon, Jun 20, 2022 at 11:02:25AM -0400, Michael Butler via NANOG wrote:
> I treat these folk with the same respect they afford me. Not once in 30
> years of having a connected network (v4 or v6) has any entity asked "is it
> OK if we .. ?".
> 
> To my mind, it seems rather idiotic and self-defeating to have the plumbing
> congested with packets intended to measure congestion :-(
> 
>   Michael

Well put!

> 
> On 6/20/22 09:46, Mel Beckman wrote:
> > Carsten,
> > 
> > No, it’s more like 50,000 furnace guys who show up several times a day to 
> > rattle doorknobs, attempt to push slim Jim’s into window latches, hack your 
> > garage door opener, sneak into your back garden, and fly drones around your 
> > home to see what valuables you might have. Yes, some of them are 
> > altruistic, but some are self-righteous officious boobs, and the vast 
> > majority are career criminals that will rob your house, drain your 
> > retirement account, and kill your family with a spoofed SWAT raid.
> > 
> >   -mel beckman
> > 
> > > On Jun 20, 2022, at 4:20 AM, Carsten Bormann  wrote:
> > > On 2022-06-20, at 04:18, Mel Beckman  wrote:
> > > > 
> > > > When researchers, or whoever, claim their scanning an altruistic 
> > > > service, I ask them if they would mind someone coming to their home and 
> > > > trying to open all the doors and windows every night.
> > > 
> > > Well, it is more like the guy who comes once a year and checks that your 
> > > central heating is not going to blow up.
> > > 
> > > (Disclaimer: I have supervised students who designed and executed benign 
> > > mass-scans of the IPv4 Internet in order to validate hypotheses about 
> > > market penetration of certain security updates, and I definitely would do 
> > > that again if there is a good reason to perform such a scan.)
> > > 
> > > Grüße, Carsten
> 

-- 
The fact that there's a Highway to Hell but only a Stairway to Heaven says a 
lot about anticipated traffic volume.




Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Michael Butler via NANOG
I treat these folk with the same respect they afford me. Not once in 30 
years of having a connected network (v4 or v6) has any entity asked "is 
it OK if we .. ?".


To my mind, it seems rather idiotic and self-defeating to have the 
plumbing congested with packets intended to measure congestion :-(


Michael

On 6/20/22 09:46, Mel Beckman wrote:
> Carsten,
>
> No, it’s more like 50,000 furnace guys who show up several times a day to 
> rattle doorknobs, attempt to push slim Jim’s into window latches, hack your 
> garage door opener, sneak into your back garden, and fly drones around your 
> home to see what valuables you might have. Yes, some of them are altruistic, 
> but some are self-righteous officious boobs, and the vast majority are career 
> criminals that will rob your house, drain your retirement account, and kill 
> your family with a spoofed SWAT raid.
>
>   -mel beckman
>
>> On Jun 20, 2022, at 4:20 AM, Carsten Bormann wrote:
>> On 2022-06-20, at 04:18, Mel Beckman wrote:
>>> When researchers, or whoever, claim their scanning an altruistic service, I ask 
>>> them if they would mind someone coming to their home and trying to open all the 
>>> doors and windows every night.
>>
>> Well, it is more like the guy who comes once a year and checks that your 
>> central heating is not going to blow up.
>>
>> (Disclaimer: I have supervised students who designed and executed benign 
>> mass-scans of the IPv4 Internet in order to validate hypotheses about market 
>> penetration of certain security updates, and I definitely would do that again 
>> if there is a good reason to perform such a scan.)
>>
>> Grüße, Carsten




Re: Test email

2022-06-20 Thread J. Hellenthal via NANOG

This is like setting a read-receipt-to: to a mailing list. The results
are phenom !

But on the other hand you get a nice handy list of replies that say "did
not read" ;) leaking their address as a member.

Done this by accident myself :(

On Mon, Jun 20, 2022 at 02:11:50AM -0600, h...@interall.co.il wrote:
> 
> Hello,
> 
> Checking Email Functionality.
> 
> Hosting Support
> Thank you,

-- 
The fact that there's a Highway to Hell but only a Stairway to Heaven says a 
lot about anticipated traffic volume.




Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread J. Hellenthal via NANOG
On Mon, Jun 20, 2022 at 02:47:27PM +0200, Carsten Bormann wrote:
> J.,
> 
> > On 2022-06-20, at 14:14, J. Hellenthal  wrote:
> > 
> > Yeah that's another thing, "research" cause you need to learn it let's have 
> > them do it too, multiply that by every university \o/
> 

No no not saying there wasn't. Research is needed for sure and education
is very important. But the fact of most matters stand in that area where
some code may not exactly be up to par from "some students" and still
exhaust itself on the public internet of things where little real
oversight actually happens from its origin until it has already impacted
multiple destinations that did not ask for it.

Definitely did sign up for it! and with all the proper checks and
balances, can handle them appropriately at 2am when N students have
been asleep letting their code run wild.

Sorry not picking on "you/this" in particular on your part. It's just
not all of them are exactly up to par while following what they believe
are best practices governed by an instructor(not you) that deems it
benign where I have found some instructors/educators have very little
knowledge in the field whatsoever beyond a textbook and a home
computer/lab. I look forward to the school years to begin, it brings a
challenge where traffic from skids drops between certain hours in
different countries and the detection begins for advertisement scanners
and real threats.

Noise is cool, it gives pretty results where the ugly of the networks
typically just annoy you. Not cool when it's amplified by N number of
whatever (advertising/company/students) like a udp amplification attack
but initiated by india.edu, america.edu, X.edu all at the wrong time.

Anyway I retract

Happy Father's Day yesterday and hope all your weekends have been
great.

> there was some actual research involved.
> 
> I agree that there should be a very good reason to expend a tiny bit of 
> everyone’s resources on this.
> 
> I do not agree that this externality makes any research in this space 
> unethical.
> 
> You signed up for this when you joined the Internet (er, stuck with the IPv4 
> Internet, I should probably say).
> 
> Grüße, Carsten
> 

-- 
The fact that there's a Highway to Hell but only a Stairway to Heaven says a 
lot about anticipated traffic volume.




Re: Looking Glass Software

2022-06-20 Thread Phineas Walton
Used Hyperglass a bunch. Looks pretty, very extensive & configurable,
support for most platforms. Highly recommend!

https://hyperglass.dev

Best
Phin

On Mon, Jun 20, 2022 at 2:57 PM Glenn Kelley 
wrote:

> Good Monday Morning Everyone.
>
> Quick Question:
>
> What is everyone's favorite software for running a looking glass.
>
> A friend asked me this over the weekend - and while there are others
> available on the internet to use - it would be helpful for them to run one
> within their own network.
>
> It has been a while since i have played setting one up so figured might as
> well ask
>
>
> *Glenn S. Kelley, *Connectivity.Engineer
> Text and Voice Direct:  740-206-9624
>
>
>
>


[no subject]

2022-06-20 Thread Glenn Kelley
Good Monday Morning Everyone.

Quick Question:

What is everyone's favorite software for running a looking glass.

A friend asked me this over the weekend - and while there are others
available on the internet to use - it would be helpful for them to run one
within their own network.

It has been a while since i have played setting one up so figured might as
well ask


*Glenn S. Kelley, *Connectivity.Engineer
Text and Voice Direct:  740-206-9624


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Mel Beckman
Carsten,

No, it’s more like 50,000 furnace guys who show up several times a day to 
rattle doorknobs, attempt to push slim Jim’s into window latches, hack your 
garage door opener, sneak into your back garden, and fly drones around your 
home to see what valuables you might have. Yes, some of them are altruistic, 
but some are self-righteous officious boobs, and the vast majority are career 
criminals that will rob your house, drain your retirement account, and kill 
your family with a spoofed SWAT raid.

 -mel beckman

> On Jun 20, 2022, at 4:20 AM, Carsten Bormann  wrote:
> On 2022-06-20, at 04:18, Mel Beckman  wrote:
>> 
>> When researchers, or whoever, claim their scanning an altruistic service, I 
>> ask them if they would mind someone coming to their home and trying to open 
>> all the doors and windows every night.
> 
> Well, it is more like the guy who comes once a year and checks that your 
> central heating is not going to blow up.  
> 
> (Disclaimer: I have supervised students who designed and executed benign 
> mass-scans of the IPv4 Internet in order to validate hypotheses about market 
> penetration of certain security updates, and I definitely would do that again 
> if there is a good reason to perform such a scan.)
> 
> Grüße, Carsten


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread John Kristoff
On Sun, 19 Jun 2022 08:06:59 -0400
Dovid Bender  wrote:

> I don't know who is doing it. I just know that IL Cert contacted our
> parent company which has an ISP in Israel when things were "hot".

Some national government infrastructure protection organizations will
relay notifications to local provider networks (e.g., abuse@) based
on reputable third party surveyors (aka network scanner operators).  I
think it is safe to assume this is generally done as a public service,
but perhaps with some mandates to measure and minimize risk within a
country's borders.

Most providers will usually convey the notification in fairly strong
language, usually demanding some sort of response and if applicable,
remediation.  The reports can contain false positives (e.g., when
scanners cannot differentiate between vulnerable systems and honeypots).

It isn't always clear based on the relayed reports who is running the
scans, but in my experience Shadowserver is the most widely used and
cited.  There are of course lots of others running scans.  Commercially,
Greynoise tracks many of them.  A research-based tracker is also
available here:

  

John


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Carsten Bormann
J.,

> On 2022-06-20, at 14:14, J. Hellenthal  wrote:
> 
> Yeah that's another thing, "research" cause you need to learn it let's have 
> them do it too, multiply that by every university \o/

there was some actual research involved.

I agree that there should be a very good reason to expend a tiny bit of 
everyone’s resources on this.

I do not agree that this externality makes any research in this space unethical.

You signed up for this when you joined the Internet (er, stuck with the IPv4 
Internet, I should probably say).

Grüße, Carsten



Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread J. Hellenthal via NANOG


Yeah that's another thing, "research" cause you need to learn it let's have 
them do it too, multiply that by every university \o/

-- 
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a 
lot about anticipated traffic volume.

> On Jun 20, 2022, at 06:22, Carsten Bormann  wrote:
> 
> On 2022-06-20, at 04:18, Mel Beckman  wrote:
>> 
>> When researchers, or whoever, claim their scanning an altruistic service, I 
>> ask them if they would mind someone coming to their home and trying to open 
>> all the doors and windows every night. 
> 
> Well, it is more like the guy who comes once a year and checks that your 
> central heating is not going to blow up.  
> 
> (Disclaimer: I have supervised students who designed and executed benign 
> mass-scans of the IPv4 Internet in order to validate hypotheses about market 
> penetration of certain security updates, and I definitely would do that again 
> if there is a good reason to perform such a scan.)
> 
> Grüße, Carsten
> 


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Carsten Bormann
On 2022-06-20, at 04:18, Mel Beckman  wrote:
> 
> When researchers, or whoever, claim their scanning an altruistic service, I 
> ask them if they would mind someone coming to their home and trying to open 
> all the doors and windows every night. 

Well, it is more like the guy who comes once a year and checks that your 
central heating is not going to blow up.  

(Disclaimer: I have supervised students who designed and executed benign 
mass-scans of the IPv4 Internet in order to validate hypotheses about market 
penetration of certain security updates, and I definitely would do that again 
if there is a good reason to perform such a scan.)

Grüße, Carsten



Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread J. Hellenthal via NANOG
Wish I still had that email from them where person "possibly not speaking for the company" stated that "they scan the entire internet for vulns and other nefarious things." Where I stated "don't care get your unwanted advertisement scans off my edge, if I want you in the future I know where to find you". And he kept beating around the bush.

-- 
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.

On Jun 20, 2022, at 01:09, Owen DeLong via NANOG  wrote:

shadow server (to the best of my knowledge) only scans sites that have invited them to do so.

Owen

On Jun 19, 2022, at 10:43 , Forrest Christian (List Account)  wrote:

See shadowserver.net

On Sun, Jun 19, 2022, 4:13 AM Ronald F. Guilmette  wrote:

I would like to solicit the opinions of network operators on the practice
of scanning all of, or large chunks of the internet for known vulnerabilities.

In earlier times, this was generally viewed as being distinctly anti-social
behavior, but perhaps attitudes have changed relative to earlier eras.
I would thus like to know how people feel about it now, in 2022.


Regards,
rfg


P.S.  Just to be clear, I personally have neither any desire nor any intent
to undertake such activity myself, nor am I in communication with any party
or parties that have such an intent or desire.  I cannot however say that I
am unaware of any parties that may currently be involved in such activities.



Re: Test email

2022-06-20 Thread J. Hellenthal via NANOG
Novices 🤪

-- 
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a 
lot about anticipated traffic volume.

> On Jun 20, 2022, at 03:36, Hank Nussbacher  wrote:
> 
> On 20/06/2022 11:30, Peter Potvin wrote:
> 
> I did not send this to the list.  I assume the admins are testing out what 
> has been blocking my emails for the past month and somehow this email slipped 
> thru.  Just ignore and delete.
> 
> -Hank
> 
>> Why did moderation let this through the filters? I don't believe that 
>> testing email functionality is the intended use case of the NANOG mailing 
>> list.
>> Also worth noting that the website for the domain this came from says the 
>> owner of the site specializes in "anti-spam", which based on this email 
>> alone doesn't look to be the case. Anyone else agree?
>> Regards,
>> Peter
>> On Mon., Jun. 20, 2022, 4:15 a.m. , > > wrote:
>>Hello,
>>Checking Email Functionality.
>>Hosting Support
>>Thank you,
>> The information contained in this message may be privileged, confidential 
>> and protected from disclosure. This message is intended only for the 
>> designated recipient(s). It is subject to access, review and disclosure by 
>> the sender's Email System Administrator. If you have received this message 
>> in error, please advise by return e-mail so that our address records can be 
>> corrected and please delete immediately without reading, copying or 
>> forwarding to others. Any unauthorized review, use, disclosure or 
>> distribution is prohibited.
>> Copyright © 2022 Accuris Technologies Ltd. All Rights Reserved.
> 


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread J. Hellenthal via NANOG
Yep that's exactly what that is. While the intention is good, it's all still unwarranted.

-- 
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.

On Jun 19, 2022, at 21:18, Mel Beckman  wrote:

When researchers, or whoever, claim their scanning an altruistic service, I ask them if they would mind someone coming to their home and trying to open all the doors and windows every night. 

 -mel beckman

On Jun 19, 2022, at 6:14 PM, J. Hellenthal via NANOG  wrote:

Had to send these guys a cease and desist a few years back as they became so noisy it was causing too much of a disconnect between information we were trying to compare.

Personally I don't care who you are. Probably not hiring your services (free or not), stay off my edge.

-- 
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.

On Jun 19, 2022, at 13:56, Amreesh Phokeer  wrote:

Project Sonar from Rapid7 conducts internet-wide surveys and is kind enough to share the data with researchers:
https://www.rapid7.com/research/project-sonar/

On Sun, Jun 19, 2022 at 10:24 PM Mark Seiden  wrote:

btw, if you want to do this yourself, you might consider using something like

https://github.com/opsdisk/scantron

-- 
Amreesh Phokeer


Re: irrd or ...?

2022-06-20 Thread Job Snijders via NANOG
Hi Randy,

On Sun, 19 Jun 2022 at 23:07, Randy Bush  wrote:

> >> It will also take much less RAM if you turn RPKI validation off.
> >
> > oh dear ghod.  do i need to turn the dancing donkeys off too?
> >
> > "Make each program do one thing well. To do a new job, build afresh
> > rather than complicate old programs by adding new "features"."
> > -- ken thompson - unix philosophy
> >
> > a good side to a bit of economic contraction might be a side effect of
> > code bloat and featuritis contraction.
>
> to be clearer, i now run a 4GB VM with irrd2, rancid, nfsen, and a wiki.
> so i will stick with irrd2.



Are you looking to set up just an “authoritative IRR source” (RGNET?),
or to set up an instance which mirrors all the world’s IRRs? The latter
option is quite memory heavy.

If mirroring other databases is not the goal; an “auth only” IRRd v4
deployment will easily fit your VM alongside those other apps.

Or perhaps you are interested to fund development of a modern lightweight
version of the IRRd software? :-)

Kind regards,

Job

>


Re: irrd or ...?

2022-06-20 Thread Forrest Christian (List Account)
I've seen recently a trend where code is optimized for run time and memory
consumption is a distant second consideration.  I think this is a
side-effect of the growth of big data,  where you really do have to worry
about your run time.  Unfortunately this seems to have crept into a lot
of other types of coding where it doesn't make as much sense.

For example, it's not uncommon to see data stored in hash tables which
admittedly are fast to retrieve if you use the right hash table key.  But
since most programmers don't think through the overhead of the key portion
of the table, you'll often see many hash tables each containing the exact
same set of keys, each holding one data item (say a distance in a routing
table).   A more memory efficient method is to store a structure in the
hash table containing all the values.  That way they only pay the key "tax"
once.

I could vent about all sorts of other sins like this.



On Sat, Jun 18, 2022, 1:28 PM Randy Bush  wrote:

> > It will also take much less RAM if you turn RPKI validation off.
>
> oh dear ghod.  do i need to turn the dancing donkeys off too?
>
> "Make each program do one thing well. To do a new job, build afresh
> rather than complicate old programs by adding new "features"."
> -- ken thompson - unix philosophy
>
> a good side to a bit of economic contraction might be a side effect of
> code bloat and featuritis contraction.
>
> randy, who has a 32G laptop and runs an editor with an rss of ~100MB
>
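
The memory point made in the message above (one hash table per attribute versus one hash table of records), measured as an added example that is not part of the original thread or of IRRd's code. The `Route` class, the attribute names and the synthetic prefixes are assumptions constructed for illustration.

```python
import tracemalloc

# Hypothetical attribute names, chosen for this illustration only.
ATTRS = ("distance", "next_hop", "origin_as", "local_pref")


class Route:
    """One record per key; __slots__ avoids a per-instance __dict__."""
    __slots__ = ATTRS

    def __init__(self, distance, next_hop, origin_as, local_pref):
        self.distance = distance
        self.next_hop = next_hop
        self.origin_as = origin_as
        self.local_pref = local_pref


def make_rows(n):
    """Constructed sample data: n synthetic /24 prefixes, four attributes each."""
    rows = []
    for i in range(n):
        prefix = f"10.{(i >> 8) & 255}.{i & 255}.0/24"
        values = (i % 200, f"192.0.2.{i % 250 + 1}", 64512 + i % 1000, 100)
        rows.append((prefix, values))
    return rows


def build_parallel_tables(rows):
    """Layout criticised above: one hash table per attribute, same keys in each."""
    tables = {name: {} for name in ATTRS}
    for prefix, values in rows:
        for name, value in zip(ATTRS, values):
            tables[name][prefix] = value
    return tables


def build_record_table(rows):
    """Suggested layout: one hash table whose value is a record of all attributes."""
    return {prefix: Route(*values) for prefix, values in rows}


def traced_bytes(builder, rows):
    """Bytes still allocated for the structure that builder(rows) returns.

    The key strings and attribute values already exist in rows and are shared
    by both layouts, so only the containers themselves are measured. That makes
    the result a lower bound on the saving: code that builds a fresh key object
    for every table pays for the key strings again as well.
    """
    tracemalloc.start()
    table = builder(rows)
    current, _peak = tracemalloc.get_traced_memory()
    tracemalloc.stop()
    del table
    return current


if __name__ == "__main__":
    rows = make_rows(20000)
    parallel = traced_bytes(build_parallel_tables, rows)
    record = traced_bytes(build_record_table, rows)
    print(f"parallel tables: {parallel / 1e6:.2f} MB")
    print(f"record table:    {record / 1e6:.2f} MB")
```
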


Re: Test email

2022-06-20 Thread Hank Nussbacher

On 20/06/2022 11:30, Peter Potvin wrote:

I did not send this to the list.  I assume the admins are testing out 
what has been blocking my emails for the past month and somehow this 
email slipped thru.  Just ignore and delete.


-Hank

Why did moderation let this through the filters? I don't believe that 
testing email functionality is the intended use case of the NANOG 
mailing list.


Also worth noting that the website for the domain this came from says 
the owner of the site specializes in "anti-spam", which based on this 
email alone doesn't look to be the case. Anyone else agree?


Regards,
Peter


On Mon., Jun. 20, 2022, 4:15 a.m. , > wrote:



Hello,

Checking Email Functionality.

Hosting Support
Thank you,






Re: Test email

2022-06-20 Thread Peter Potvin via NANOG
Why did moderation let this through the filters? I don't believe that
testing email functionality is the intended use case of the NANOG mailing
list.

Also worth noting that the website for the domain this came from says the
owner of the site specializes in "anti-spam", which based on this email
alone doesn't look to be the case. Anyone else agree?

Regards,
Peter


On Mon., Jun. 20, 2022, 4:15 a.m. ,  wrote:

>
> Hello,
>
> Checking Email Functionality.
>
> Hosting Support
> Thank you,
>



Test email

2022-06-20 Thread hank



Hello,

Checking Email Functionality.

Hosting Support
Thank you,


Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Owen DeLong via NANOG
shadow server (to the best of my knowledge) only scans sites that have invited 
them to do so.

Owen


> On Jun 19, 2022, at 10:43 , Forrest Christian (List Account) 
>  wrote:
> 
> See shadowserver.net 
> On Sun, Jun 19, 2022, 4:13 AM Ronald F. Guilmette  > wrote:
> I would like to solicit the opinions of network operators on the practice
> of scanning all of, or large chunks of the internet for known vulnerabilities.
> 
> In earlier times, this was generally viewed as being distinctly anti-social
> behavior, but perhaps attitudes have changed relative to earlier eras.
> I would thus like to know how people feel about it now, in 2022.
> 
> 
> Regards,
> rfg
> 
> 
> P.S.  Just to be clear, I personally have neither any desire nor any intent
> to undertake such activity myself, nor am I in communication with any party
> or parties that have such an intent or desire.  I cannot however say that I
> am unaware of any parties that may currently be involved in such activities.



Re: Scanning the Internet for Vulnerabilities

2022-06-20 Thread Owen DeLong via NANOG
I would still consider an uninvited scan of my network antisocial.

Other operators are, of course, free to make their own choices.


Owen


> On Jun 19, 2022, at 03:13 , Ronald F. Guilmette  
> wrote:
> 
> I would like to solicit the opinions of network operators on the practice
> of scanning all of, or large chunks of the internet for known vulnerabilities.
> 
> In earlier times, this was generally viewed as being distinctly anti-social
> behavior, but perhaps attitudes have changed relative to earlier eras.
> I would thus like to know how people feel about it now, in 2022.
> 
> 
> Regards,
> rfg
> 
> 
> P.S.  Just to be clear, I personally have neither any desire nor any intent
> to undertake such activity myself, nor am I in communication with any party
> or parties that have such an intent or desire.  I cannot however say that I
> am unaware of any parties that may currently be involved in such activities.