greetings.

it should be mentioned that shadowserver also notifies those who register as the owners of that address space.
it’s very useful.  (it would be more useful if they calculated diffs and notified about changes/additions.)

my thinking about this sort of thing, in general, is:

- it depends on who’s doing it and why, and what they do with the information
(so what keeps you from doing it for the benefit of your less clueful downstream customers?)

- absolutely nothing prevents bad guys from doing it, so discouraging it fits in the category of
“politeness rules only observed by nice people”.

- it’s polite enough for me for the good guys to identify themselves so you (the target) can worry 
less when you notice the activity.

(btw, this reasoning applies also about crawls of content from the wayback machine.)



On Jun 19, 2022, at 10:45 AM, Forrest Christian (List Account) <lists@packetflux.com> wrote:

Correction... shadowserver.org

They scan the entire ipv4 internet daily for select potential vulnerabilities. 

On Sun, Jun 19, 2022, 11:43 AM Forrest Christian (List Account) <lists@packetflux.com> wrote:

On Sun, Jun 19, 2022, 4:13 AM Ronald F. Guilmette <rfg@tristatelogic.com> wrote:
I would like to solicit the opinions of network operators on the practice
of scanning all of, or large chunks of the internet for known vulnerabilities.

In earlier times, this was generally viewed as being distinctly anti-social
behavior, but perhaps attitudes have changed relative to earlier eras.
I would thus like to know how people feel about it now, in 2022.


Regards,
rfg


P.S.  Just to be clear, I personally have neither any desire nor any intent
to undertake such activity myself, nor am I in communiacation with any party
or parties that have such an intent or desire.  I cannot however say that I
am unaware of any parties that may currently be involved in such activities.