[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: [Pool] shodan.io actively infiltrating ntp.org IPv6 pools for scanning purposes
From:       Asbjorn Hojmark <lists () hojmark ! org>
Date:       2016-01-29 7:33:52
Message-ID: 4DEA83BF-D7C9-40F2-AD63-BC9C9B3910AE () hojmark ! org
[Download RAW message or body]


> I might just be too cynical, but it also feels like something we should come to expect. \
> Anyone who's looked at traffic to an Internet facing IPv4 address have seen much worse.

I (too) might just be too cynical, or in this business too long, but I feel that if you \
communicate on the global Internet, you should expect to be probed. If you're not ready to be \
probed, your machine shouldn't be on the Net. Really.

One can probe the entire v4 Internet in minutes, so being probed should not be new to any \
device on it. The fact that the v6 address space takes ... slightly longer ;) to probe should \
not make one lazy and rely on security by obscurity, hoping that your machine will not be seen.

That being said, I do agree that the NTP pool should try to only provide the services that it \
‘advertises'. I just hope everyone realises that with volounteers running the servers and the \
pool, that will be very difficult to enforce.

-A=


[prev in list] [next in list] [prev in thread] [next in thread]