• [LINK] British govt is scanning all Internet devices hosted in UK

    From not@not@telling.you.invalid (Computer Nerd Kev) to comp.misc on Sun Nov 6 09:14:56 2022
    From Newsgroup: comp.misc

    British govt is scanning all Internet devices hosted in UK
    By Sergiu Gatlan, November 4, 2022
    - https://www.bleepingcomputer.com/news/security/british-govt-is-scanning-all-internet-devices-hosted-in-uk/

    "The United Kingdom's National Cyber Security Centre (NCSC), the
    government agency that leads the country's cyber security mission,
    is now scanning all Internet-exposed devices hosted in the UK for
    vulnerabilities.

    The goal is to assess UK's vulnerability to cyber-attacks and to
    help the owners of Internet-connected systems understand their
    security posture.

    "These activities cover any internet-accessible system that is
    hosted within the UK and vulnerabilities that are common or
    particularly important due to their high impact," the agency said.

    "The NCSC uses the data we have collected to create an overview of
    the UK's exposure to vulnerabilities following their disclosure,
    and track their remediation over time."

    NCSC's scans are performed using tools hosted in a dedicated
    cloud-hosted environment from scanner.scanning.service.ncsc.gov.uk
    and two IP addresses (18.171.7.246 and 35.177.10.231)." ...
    --
    __ __
    #_ < |\| |< _#
    --- Synchronet 3.19c-Linux NewsLink 1.113
  • From Marco Moock@mo01@posteo.de to comp.misc on Sun Nov 6 07:54:02 2022
    From Newsgroup: comp.misc

    Am 6.10.22 09:14:56 +1000 schrieb Computer Nerd Kev:

    "The United Kingdom's National Cyber Security Centre (NCSC), the
    government agency that leads the country's cyber security mission,
    is now scanning all Internet-exposed devices hosted in the UK for
    vulnerabilities.

    The goal is to assess UK's vulnerability to cyber-attacks and to
    help the owners of Internet-connected systems understand their
    security posture.

    I think this is ok if the operators are going to be contacted if vulnerabilities are detected. They then can fix them.

    NCSC's scans are performed using tools hosted in a dedicated
    cloud-hosted environment from scanner.scanning.service.ncsc.gov.uk
    and two IP addresses (18.171.7.246 and 35.177.10.231)." ...

    Do they also have IPv6?

    --- Synchronet 3.19c-Linux NewsLink 1.113
  • From Theo@theom+news@chiark.greenend.org.uk to comp.misc on Wed Nov 9 15:23:33 2022
    From Newsgroup: comp.misc

    Marco Moock <mo01@posteo.de> wrote:
    Am 6.10.22 09:14:56 +1000 schrieb Computer Nerd Kev:
    NCSC's scans are performed using tools hosted in a dedicated
    cloud-hosted environment from scanner.scanning.service.ncsc.gov.uk
    and two IP addresses (18.171.7.246 and 35.177.10.231)." ...

    Do they also have IPv6?

    It's impractical to scan IPv6 addresses because of the huge namespace: typically 2^64 to 2^72 endpoints per customer. Scanning is really only a viable attack on v4 or, if you have some visibility into the network, to
    probe the IPs traffic is seen to be coming from. But this also means script kiddie port scanning isn't really a major threat on v6.

    Theo
    --- Synchronet 3.19c-Linux NewsLink 1.113
  • From Marco Moock@mo01@posteo.de to comp.misc on Wed Nov 9 16:38:20 2022
    From Newsgroup: comp.misc

    Am 15.05.2006 um 15:23:33 Uhr schrieb Theo:

    It's impractical to scan IPv6 addresses because of the huge namespace

    This is true, but most governments already spy out their citizens and
    therefore know which IPv6 addresses are in use. The Ipv6 addresses that
    were in use the last month could be scanned.

    --- Synchronet 3.19c-Linux NewsLink 1.113