[152903] in North American Network Operators' Group
SNMP/TCP probes from critical.io
daemon@ATHENA.MIT.EDU (Raoul Bhatia [IPAX])
Wed May 23 06:19:34 2012
Date: Wed, 23 May 2012 12:18:33 +0200
From: "Raoul Bhatia [IPAX]" <r.bhatia@ipax.at>
To: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
hi!
during the last couple of days, i noticed probes from some hosts that
present themselves as critical.io probe hosts, including but not
limited to, the following IP addresses:
* 184.154.42.194 / critical.io
* 69.64.43.135 / research1.critical.io
* 69.64.43.137 / research2.critical.io
* 69.64.43.142 / research3.critical.io
* 50.116.22.209
The systems present the following information via http:
> This system is coordinating an internet-wide survey of open TCP
> ports, service banners, SNMP system descriptions, and NetBIOS name
> queries. The results of this survey will be used to uncover
> systematic vulnerabilities in the equipment provided by ISPs to their
> customers.
Have you noticed these probes and what are your thoughts on them?
Cheers,
Raoul
--
____________________________________________________________________
DI (FH) Raoul Bhatia M.Sc. email. r.bhatia@ipax.at
Technischer Leiter
IPAX - Aloy Bhatia Hava OG web. http://www.ipax.at
Barawitzkagasse 10/2/2/11 email. office@ipax.at
1190 Wien tel. +43 1 3670030
FN 277995t HG Wien fax. +43 1 3670030 15
____________________________________________________________________
