On 5/6/22 12:33, Jarland Donnell via mailop wrote:
Isn't that a bit of an overreaction? If you didn't want any undesirable
traffic you'd whitelist IPs in your firewall or run it on LAN. It's a
very standard expectation that other servers will hit yours without your
consent on the public internet.
If you see an unknown person walk up to your car and try all the doors,
the hood and the trunk, even if it's parked on a public street, you'd
likely call the police.
What annoys me more is that every two-bit organization is now doing this
under the banner of "research" .. so now, instead of a single guy
checking your car, we've got entire communities probing not only your
car but also your house.
How much "noise" should we tolerate before we decide it's a problem?
Until it saturates our uplink(s)?
While I have automated mitigations in place, these do have limits that
I'd rather not reach.
On 2022-05-06 11:16, L. Mark Stone via mailop wrote:
Good Morning,
Asking if anyone has had experience with internet-research-project.net
please? They have no apparent web presence, so no straightforward way
to contact them.
Linode hosts this allegedly legitimate security researcher, and my
mail systems logs are full of connections from a large number of IPs
like "cloud-scanner-17c84c24.internet-research-project.net" where the
server just drops the connection without attempting authentication.
Looks like a port probe.
I opened up a support case with Linode; they said their Trust &
Security team feels their customer is doing legitimate security
research. I responded that I thought it was a violation of the
Computer Fraud and Abuse Act of 1986 (as amended), as we have never
authorized any third party to access our systems for anything other
than sending legal email to our customers.
Linode said if I gave Linode all of my servers' IP addresses, they
would pass them on to internet-reserach-project.net with a request
that they not probe my IPs any longer (I declined). I responded
asking for all of the IPs internet-research-project.net uses so I can
block them on my firewall (Linode declined).
So before I start blocking all of the Linode networks from which this
traffic originates, I thought I should ask here to see if anyone else
has had experience with this internet-research-project.net
organization.
I used to host at Linode. I thought they were pretty good a few years
ago, with great customer service and solid hosting at the time.
Any insights/suggestions/etc. are greatly appreciated.
Thanks in advance,
Mark
_
L. Mark Stone, Founder
Mission Critical Email LLC
North America's Leading Zimbra VAR/BSP/Training Partner
For Companies With Mission-Critical Email Needs
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
