I scanned all of ACT Bangalore customers, and the results aren’t surprising
Update: ACT now blocks most inter-customer communication.
ACT is one of the largest ISPs in Bangalore. I’ve been their customer for quite some time now. I’ve known that they do not provide me with a public IP address, but rather push me behind a NAT (10.242.0.0/24, I’d thought). I recently realized that ACT doesn’t actually block any cross-customer communication (while trying to see if I could get a neighbouring friend to watch a stream off my server without incurring ACT data charges).
Hence, the next obvious step was to scan the entire ACT network.
The masscan configuration used for the scan was:
masscan 10.242.0.0/15,10.244.0.0/15 -p80,23,443,21,22,25,3389,110,445,139,143,53,135,3306,8080,1723,111,995,993,5900,1025,587,8888,199,1720,465,548,113,81,6001,10000,514 --rate=1000 -oX act.xml
This ensures the following:
- Scan the top few TCP ports
- Keep the scan slow, so it doesn’t cause any network issues, and I don’t wake up anyone at ACT
- The 2 subnets were found by trial and error. I tried scanning 10.0.0.0/8 using a ping scan to discover other ranges, but these are the only ones that responded for me in a meaningful time.
Did you find your own router on the list? Let me know!
Some of the fun stuff I found out:
Someone is running a postfix SMTP server on a debian box:
220 pg.victory.com ESMTP Postfix (Debian/GNU)
220 2.0.0 Ready to start TLS
A lot of servers running the default TP-Link FTP server:
220 Welcome to TP-LINK FTP server
530 Please login with USER and PASS.
I found a few BEAM devices, which I think are just routers that ACT gives out with new connections (or used to?)
Some badly designed ones:
A lot of ASUS routers:
Lots of IP-Camera logins:
People running pfsense!
And people running things I’ve never heard of:
It was a quick fun thing, but I might leave the scan running on a schedule sometime later to store historical data. If there are any important ports you think I missed, or if you have any other suggestions, please reach out.
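For the scheduled scans and historical data mentioned above, here is one way to compare two `-oX` result files and see which ports opened or closed between runs. This is an added example, not code from the original post; the two XML snippets are constructed samples, and the nmap-style layout with one `<host>` record per open port is assumed from masscan's XML output.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample data in the nmap-style layout masscan writes with -oX:
# one <host> element per open port, so the same address can repeat.
SCAN_OLD = """<nmaprun scanner="masscan">
<host endtime="1"><address addr="10.242.0.5" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/></port></ports></host>
<host endtime="2"><address addr="10.242.0.9" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="21"><state state="open" reason="syn-ack"/></port></ports></host>
</nmaprun>"""
SCAN_NEW = """<nmaprun scanner="masscan">
<host endtime="3"><address addr="10.242.0.5" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/></port></ports></host>
<host endtime="4"><address addr="10.242.0.5" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="23"><state state="open" reason="syn-ack"/></port></ports></host>
</nmaprun>"""

def open_ports(xml_text):
    """Merge the per-port <host> records into {ip: {port, ...}}."""
    hosts = defaultdict(set)
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address")
        if addr is None:
            continue  # skip malformed records without an address
        for port in host.iter("port"):
            state = port.find("state")
            if state is not None and state.get("state") == "open":
                hosts[addr.get("addr")].add(int(port.get("portid")))
    return dict(hosts)

def diff_scans(old, new):
    """Return (opened, closed): ports that appeared or vanished per address."""
    opened, closed = {}, {}
    for ip in old.keys() | new.keys():
        before, after = old.get(ip, set()), new.get(ip, set())
        if after - before:
            opened[ip] = sorted(after - before)
        if before - after:
            closed[ip] = sorted(before - after)
    return opened, closed

if __name__ == "__main__":
    opened, closed = diff_scans(open_ports(SCAN_OLD), open_ports(SCAN_NEW))
    print("newly open:", opened)
    print("no longer open:", closed)
```

A host that stops answering entirely shows up under "no longer open", which on a NAT range with DHCP churn can simply mean the address was reassigned.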