Malicious attacks to Atlas probe hostnames

tim 1 July 2023 18:40 1

Howdy!

I noticed a slew of malicious inbound attacks coming to my atlas probe hostname, can someone at RIPE NCC please comment on tracking down the actors responsible? SRC IP is:

GET /public/plugins/yeya24-chaosmesh-datasource/…/…/…/…/…/…/…/…/…/…/…/…/…/…/…/…/…/…/…/etc/passwd HTTP/1.1

Host: pXXXXX.probes.atlas.ripe.net

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36

Accept: /

Accept-Language: en

Accept-Encoding: gzip

Connection: close

Topic		Replies	Views	Activity
Issues in Atlas J-root instance stats page RIPE Atlas dns	4	424	13 May 2023
ISP Outages and connectivity comparisons RIPE Atlas	2	779	22 May 2023
New RIPE Atlas coverage and statistics page RIPE Atlas dataviz	1	734	8 April 2024
RIPE Atlas network coverage RIPE Atlas dataviz	5	1046	30 June 2023
RIPE Atlas "shining a light on the Internet since 2010" - take a look at this probe deployment map! RIPE Atlas dataviz	1	1116	29 June 2023