Comment by miyuru
5 hours ago
In my servers I dont have IPv4 at all, just IPv6 only.
On the plus side, it does not waste CPU cycles used to block unwanted IPv4 traffic.
5 hours ago
In my servers I dont have IPv4 at all, just IPv6 only.
On the plus side, it does not waste CPU cycles used to block unwanted IPv4 traffic.
That helps a bit, true.
But not that much, unfortunately. Those same "cYbeRseCUrITy" orgs also ingest SSL transparency logs, resolve A and AAAA for all the names in the cert, then turn around and start scanning those addresses.
In my experience, it only takes a few hours from getting an SSL certificate to junk traffic to start rolling in, even for IPv6-only servers.
Small percentage of that could be attributed directly, based on "BitSightBot", "CMS-Checker", "Netcraft Web Server Survey", "Cortex-Xpans" and similar keywords in user-agent and referer headers. And purely based on timing, there's a lot more of that stuff where scanners try and blend in.