Talk:Shadowserver Foundation

POV
I don't want to spoil anyone's party, but this page reads rather more like an advertisement rather than a wiki entry.. would someone care to fix that? i'm not really into the different wiki policies, and don't really have time to see what to do about it, if only to report it, but it seems as if change is necessary. (Unsigned?)

Yeah, it does seem like an advert, and also has lots of "we are not   ".. say what you are, not what you arn't.. 80.6.152.186 (talk)

I'm gonna db-g11 it, not sure how that'll go down with people.. the article just oozes advertisement, talking about how it "achieves goals", the "primary responsibilities", "we arn't a vigilante group". Fair enough, they got 4 references, but I'm sure most people will agree this article totally reads as an advert. TigerTails (talk) 23:09, 24 October 2009 (UTC)


 * There are four references, three known notables with significant coverage. It took me five minutes to confirm their contents. The Washington Post's article is particularly in-depth. If you'd briefly scanned them, or even bothered to read the refs section, you'd have found enough material to write a decent article instead of asking for deletion. Baffle gab1978 (talk) 23:30, 24 October 2009 (UTC)
 * Needs some improvement, yes. But it's not speedy-deletable in its current form. Bearcat (talk) 23:41, 24 October 2009 (UTC)

---

We are now more than a half year further, still this article reads like an advertisement. Hence I believe this article should be deleted. —Preceding unsigned comment added by 195.169.215.40 (talk) 15:27, 5 July 2010 (UTC)


 * i agree looks like it belongs on the websites front page Sparkler99 (talk) 11:58, 2 July 2011 (UTC)


 * Shadowserver is a non-profit, volunteer botnet hunting and research group. The contents may not be well formatted, but this entry is not, in no way, an advertisement. Furthermore Shadowserver is an important organisation, you just have to look at the references to confirm that. I would suggest that it's left as it is until someone knowledgeable can rewrite the page, but the page as is is an accurate reflection of an important volunteer research group and should not be deleted just because someone doesn't understand what it's about. 94.126.240.2 (talk) 11:34, 5 March 2012 (UTC)

---

More years later yet... 2016... the 'POV' caution for "reads like an advert" still on the Shadowserver Foundation wiki page is now just dumb. The page does not read like an advert at all. Shadowserver is an extremely well known and respected organisation in the internet security industry, you've got to be living under a rock to not know of them if you're in any way involved in internet matters. I added a reference to the 1 Dec 2016 press release by EUROPOL quoting their work with Shadowserver to take down the notorious Avalanche botnet. Luc-Spamhaus-CH (talk) 14:49, 3 December 2016 (UTC)

Good hackers?
According to my routerlog, there is daily DOS-attacks coming from shadowserver.org. There are a bunch of IPs listet at wellknown services. That brings up some questions: How can i get assured that these are the good(tm) hackers? Are these activities listed somewhere for transparency? etc. --Itu (talk) 10:06, 11 August 2015 (UTC)

These are not DOS-attacks (although QOTD - https://qotdscan.shadowserver.org - probes are known to trigger DOS attack alerts in certain router logs - even though they are not attacks). Activity is listed at http://blog.shadowserver.org/2014/08/22/of-scannings-and-statistics/ for transparency. Assuming that you have a static IP that you verifiably own/control, you can sign up for the reports at https://www.shadowserver.org/wiki/pmwiki.php/Involve/GetReportsOnYourNetwork. You can also request to be whitelisted from scanning. You can like - or not like - the scanning, they are however not DOS-attacks, nor are they illegal. SS 66.235.190.60 (talk) 20:42, 24 February 2017 (UTC)

Botnets -- The effective international law enforcement action against the Avalanche botnet system is impressive. and the list of remediation tools from the major security vendors is very useful (http://blog.shadowserver.org/category/botnets/ at the page bottom). (see https://www.europol.europa.eu/newsroom/news/%E2%80%98avalanche%E2%80%99-network-dismantled-in-international-cyber-operation) I see ulogd(592) blocked in my router log, in some cases from IP's that name resolve to a shadowserve.org name. Are these involving bots that have been sinkholed? I will investigate further, but the recent articles appear to validate the organization. SC

All IPs used by Shadowserver for scanning resolve to a shadowserver.org name. If it does not resolve to a shadowserver.org name, it is not part of scanning performed by shadowserver. The scans have no relation to the bots that are sinkholed - the sinkholed bots are not controlled by Shadowserver in any way, they are simply reported to network owners and national CERTs for remediation. SS 66.235.190.60 (talk) 20:42, 24 February 2017 (UTC)

Bad hackers
The Shadow Server Foundation was found to unjustifiably access and track private computers and private computer activity in at least one case, making their actions unathorized and illegal under international law. — Preceding unsigned comment added by 213.10.39.235 (talk) 16:18, 2 February 2017 (UTC)

The statement above is simply incorrect. The individual above is likely refering to scans described at http://blog.shadowserver.org/2014/08/22/of-scannings-and-statistics/ SS 66.235.190.60 (talk) 20:44, 24 February 2017 (UTC)

iron sandboxes?
thousands of virtual sandboxes and hundreds of iron sandboxes

Does 'iron' here mean bare-metal servers, or is it a reference to SRWare Iron? —johndburger 15:25, 20 June 2022 (UTC)