oss-sec mailing list archives

Re: [Pool] shodan.io actively infiltrating ntp.org IPv6 pools for scanning purposes


From: Rob Janssen <rob () knoware nl eu org>
Date: Wed, 27 Jan 2016 17:36:51 +0100

Luca BRUNO wrote:
[cross-posted to pool-ntp and oss-sec]


For ntp.org admins: can those rogue servers be expunged from the pools, and the whole
shodan.io situation clarified?

shodan.io are the bad guys! Block them wherever possible, put them in default blocklists suggested
for firewalls, etc.

These guys really don't care. When submitting networks for exclusion, they reply as if they will do something;
sometimes the scanning may pause for a day or a week, then it always comes back.

Rob

