Agressive scans from 69.175.126.170 - HD Moore is trying to save the Internet


I've been  seeing this for some time so you will see it soon too. We speak here mostly about SNMP probes coming from a set of very specific IPs. If you do a search on IP you get to the webpage below http://critical.io (web site is not up anymore), explaining to the reader that it constitutes a vulnerability/misconfiguration disclosure effort by HD Moore exercised on the wide Internet for our own good . I haven't had answer from Hd Moore himself (probably because of Defcon:) ) so can't really deny nor confirm this claim I did heard  I did hear from him,  it is indeed scans done by him. Anyway, as the scans are much more frequent/agressive than usual attack/scan attempts I see everyday, I decided , while not seeing them as any threat, to filter them out and here are IP addresses if you decide too. IPs: 69.175.126.168/29  69.175.126.170 184.154.42.192/29  184.154.42.194 173.236.44.96/29   173.236.44.98 69.175.54.104/29   69.175.54.106 173.236.30.120/29 173.236.30.122 96.127.150.216/29 96.127.150.218    Screenshot of the website hosted on aforementioned IPs:

screenshot of the critical.io webpage

Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin, Github, blog, and more.