XSF Discussion - 2022-05-30

  1. phryk

    `warn No 'to' on stream header from scanner@censys.io means we can't offer any features` <- anybody ever see this jid before?

  2. phryk

    Sounds like they do automated attack surface analysis and offer their services to the feds – should I be worried? 🤔️

  3. phryk

    adasd

  4. moparisthebest

    Many people regularly scan the entire ipv4 internet, takes minutes, I wouldn't worry about it

  5. qy

    ..really? how many minutes

  6. qy

    might try it

  7. moparisthebest

    qy: under 5 minutes, have fun https://github.com/robertdavidgraham/masscan

  8. qy

    damn, guess my home internet's not powerful enough to pull that off

  9. phryk

    moparisthebest, that's not the same as protocol specific scanning, tho. I'm used to SEO shit scanning me, but nothing advertising automated security scans.

  10. moparisthebest

    phryk: plus most to all XMPP servers are here so anyone can easily scan them all https://www.shodan.io/

  11. phryk

    moparisthebest, have you seen any security companies not paid for that by you scan *your* servers?

  12. moparisthebest

    I don't look, everyone scans everything all the time like I said

  13. qy

    i can't seem to get it to scan just one port and not 0-65535

  14. qy

    seems dodgy

  15. qy

    it did just break my router though so I think i'll stop

  16. Ellenor Malik

    awoo

  17. moparisthebest

    qy: -p5222 ?

  18. qy

    no effect

  19. qy

    neither does `ports=` in

  20. qy

    neither does `ports=` in config

  21. moparisthebest

    Strange

  22. qy

    ikr