1. Forum
  2. Usenet
  3. COMP.MISC

  • [LINK] British govt is scanning all Internet devices hosted in UK

    From Computer Nerd Kev@21:1/5 to All on Sun Nov 6 09:14:56 2022
    British govt is scanning all Internet devices hosted in UK
    By Sergiu Gatlan, November 4, 2022
    - https://www.bleepingcomputer.com/news/security/british-govt-is-scanning-all-internet-devices-hosted-in-uk/

    "The United Kingdom's National Cyber Security Centre (NCSC), the
    government agency that leads the country's cyber security mission,
    is now scanning all Internet-exposed devices hosted in the UK for
    vulnerabilities.

    The goal is to assess UK's vulnerability to cyber-attacks and to
    help the owners of Internet-connected systems understand their
    security posture.

    "These activities cover any internet-accessible system that is
    hosted within the UK and vulnerabilities that are common or
    particularly important due to their high impact," the agency said.

    "The NCSC uses the data we have collected to create an overview of
    the UK's exposure to vulnerabilities following their disclosure,
    and track their remediation over time."

    NCSC's scans are performed using tools hosted in a dedicated
    cloud-hosted environment from scanner.scanning.service.ncsc.gov.uk
    and two IP addresses (18.171.7.246 and 35.177.10.231)." ...

    --
    __ __
    #_ < |\| |< _#

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Marco Moock@21:1/5 to All on Sun Nov 6 07:54:02 2022
    Am 6.10.22 09:14:56 +1000 schrieb Computer Nerd Kev:

    "The United Kingdom's National Cyber Security Centre (NCSC), the
    government agency that leads the country's cyber security mission,
    is now scanning all Internet-exposed devices hosted in the UK for
    vulnerabilities.

    The goal is to assess UK's vulnerability to cyber-attacks and to
    help the owners of Internet-connected systems understand their
    security posture.

    I think this is ok if the operators are going to be contacted if vulnerabilities are detected. They then can fix them.

    NCSC's scans are performed using tools hosted in a dedicated
    cloud-hosted environment from scanner.scanning.service.ncsc.gov.uk
    and two IP addresses (18.171.7.246 and 35.177.10.231)." ...

    Do they also have IPv6?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Theo@21:1/5 to Marco Moock on Wed Nov 9 15:23:33 2022
    Marco Moock <mo01@posteo.de> wrote:
    Am 6.10.22 09:14:56 +1000 schrieb Computer Nerd Kev:
    NCSC's scans are performed using tools hosted in a dedicated
    cloud-hosted environment from scanner.scanning.service.ncsc.gov.uk
    and two IP addresses (18.171.7.246 and 35.177.10.231)." ...

    Do they also have IPv6?

    It's impractical to scan IPv6 addresses because of the huge namespace: typically 2^64 to 2^72 endpoints per customer. Scanning is really only a viable attack on v4 or, if you have some visibility into the network, to
    probe the IPs traffic is seen to be coming from. But this also means script kiddie port scanning isn't really a major threat on v6.

    Theo

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Marco Moock@21:1/5 to All on Wed Nov 9 16:38:20 2022
    Am 15.05.2006 um 15:23:33 Uhr schrieb Theo:

    It's impractical to scan IPv6 addresses because of the huge namespace

    This is true, but most governments already spy out their citizens and
    therefore know which IPv6 addresses are in use. The Ipv6 addresses that
    were in use the last month could be scanned.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)