SNMP/TCP probes from critical.io
hi! during the last couple of days, i noticed probes from some hosts that present themselves as critical.io probe hosts, including but not limited to, the following IP addresses: * 184.154.42.194 / critical.io * 69.64.43.135 / research1.critical.io * 69.64.43.137 / research2.critical.io * 69.64.43.142 / research3.critical.io * 50.116.22.209 The systems present the following information via http:
This system is coordinating an internet-wide survey of open TCP ports, service banners, SNMP system descriptions, and NetBIOS name queries. The results of this survey will be used to uncover systematic vulnerabilities in the equipment provided by ISPs to their customers.
Have you noticed these probes and what are your thoughts on them? Cheers, Raoul -- ____________________________________________________________________ DI (FH) Raoul Bhatia M.Sc. email. r.bhatia@ipax.at Technischer Leiter IPAX - Aloy Bhatia Hava OG web. http://www.ipax.at Barawitzkagasse 10/2/2/11 email. office@ipax.at 1190 Wien tel. +43 1 3670030 FN 277995t HG Wien fax. +43 1 3670030 15 ____________________________________________________________________
This is HD Moore's latest experiment. It is annoying for sure but well .. he's doing it for research, and you can either acl off his probes or email him and he'll exempt your ASN from whatever scanning he is doing. On Wed, May 23, 2012 at 3:48 PM, Raoul Bhatia [IPAX] <r.bhatia@ipax.at> wrote:
* 184.154.42.194 / critical.io * 69.64.43.135 / research1.critical.io * 69.64.43.137 / research2.critical.io * 69.64.43.142 / research3.critical.io * 50.116.22.209
-- Suresh Ramasubramanian (ops.lists@gmail.com)
participants (2)
-
Raoul Bhatia [IPAX]
-
Suresh Ramasubramanian