Sorengard Internet-Wide Network Research

Why am I receiving connection attempts from this machine?

These connections are part of an ongoing computer science research project to conduct frequent network topology analysis. The connections are initiated using ZMap, software originally released by the University of Michigan in 2013. Sorengard participates in this research and releases the raw data as a free alternative to Censys, which is the commercial offering by the University of Michigan.

This research involves making a small number of harmless connection attempts to every publicly accessible computer worldwide each day. This allows scientists to measure the global Internet and analyze trends in technology deployment and security.

As part of this research, every public IP address receives a handful of packets per day on a selection of common ports. These consist of standard connection attempts followed by RFC-compliant protocol handshakes with responsive hosts. We never attempt to exploit security problems, guess passwords, or change device configurations. We only receive data that is publicly visible to anyone who connects to a particular address and port.

Why are you collecting this data?

The data collected through these connections consists only of information that is already publicly visible on the Internet. It helps computer scientists study the deployment and configuration of network protocols and security technologies. For example, we use it to help web browser developers and other software developers understand the impact of proposed protocol changes and security improvements. In some cases, we are able to detect vulnerable systems and report the problems to the system operators.

We publish the data we collect for use by researchers worldwide. This data has been the foundation of dozens of peer-reviewed research studies, including:

Can I opt-out of these measurements?

This research helps the scientific community accurately study the Internet. The data is sometimes used to detect security problems and to inform operators of vulnerable systems so that they can fixed. If you opt-out of the research, you might not receive these important security notifications. However, if you wish to opt-out, you can configure your firewall to drop traffic from the subnet we use for the measurements: 195.181.168.161/29.

If you have further questions about this research, please contact admin@sorengard.com.