Comment by diltonm - Hacker Neue

diltonm Mar 4, 2015 parent

freakattack.com is an IP owned and managed by the University of Michigan. I could not visit the site due to them being in my firewall's ban list caused by unauthorized vulnerability testing against my home network.

As an aside I wonder why our tax dollars are being used to support unauthorized vulnerability attempts and for hosting a .com commercial site?

Is it legal for the person/people operating freakattack.com to use US Tax Income to fund their own commercial efforts using University resources? I didn't graduate college, maybe it's legal for them to do this?

LeafStorm Mar 4, 2015

> support unauthorized vulnerability attempts

That was probably just a random student who learned some fun stuff in Security class and slept through the Ethics lesson. I can't speak for UMich, but security research at my university (NC State) has a very strict "don't attack civilians" policy.

> hosting a .com commercial site

First off, .com sites are not necessarily commercial. Second, this isn't a commercial site, it's an informational page about a recently discovered TLS vulnerability.

diltonm OP Mar 4, 2015

In the first case I read you as saying it's OK to commit a crime against a civilian in the United States as long as [the person didn't mean to] and in the second case that since not all .COM domains are used for commercial purposes and since this one seems to be information only at the moment; that our tax dollars which helps Universities across the United States to run can be used to fund whatever .COM sites students feel so inclined to register and for whatever reason they feel is justified.

exo762 Mar 4, 2015

I heard that rhetoric when ones you are calling for help prosecuted Aaron Schwartz. All in times when NSA was hacking all the systems they could get their hands on both around the world and in USA.

You may be overreacting and unwillingly supporting erosion of civil rights.

geofft Mar 4, 2015

What is your evidence that the vulnerability testing was done by someone supported by your tax dollars, instead of by a computer that was part of a botnet controlled by your government's cyberenemies?

nuxi7 Mar 4, 2015

Its probably just scans from zmap. Complaining about zmap scans is about on the level of complaining about ssllabs.com scanning your box.

https://zmap.io/

It could be a student in the dorms who discovered metasploit though. Or someone in the computer lab who has a tool that doesn't need root. (or who rooted the lab computer)

diltonm OP Mar 4, 2015

Here is a check for the IP for freakattack.com:

http://www.tcpiputils.com/browse/ip-address/141.212.122.194

Edit: They have been on that list for a while, so either the staff at the University is incompetent or they don't care; what was your point again?

dadrian Mar 4, 2015

This is why reverse DNS exists. http://researchscan450.eecs.umich.edu/

moyix Mar 4, 2015

You are actually correct that you were scanned by an official, funded project at the University of Michigan. The research team specializes in "internet-wide measurement", meaning they scan for vulnerabilities on a regular basis in order to get a sort of "Internet health report".

Nonetheless, if this bothers you, visiting the IP that scanned you gives you instructions for opting out: http://141.212.122.194

diminoten Mar 4, 2015

He asked about why UMichigan is inaccessible from your network. How do you know it was a supported student activity and not either a malicious student, or a machine on the UMichigan network that's been compromised?

Have you reported the activity against your home network to UMichigan?

This item has no comments currently.

Preferences

Keyboard Shortcuts

Story Lists

Navigation

Miscellaneous