If you are looking at this page, then more than likely, you noticed a scan coming from this server across your network and/or poking at the Redis server service.
The Shadowserver Foundation is currently undertaking a project to search for publicly accessible devices that have the Redis service running. The goal of this project is to identify openly accessible systems that have Redis running and report them back to the network owners for remediation.
This service does not support authentication which means any entity that can access the Redis instance can have complete control over the key-value store.
Redis servers that we have found to be accessible have been incorporated into our reports and are being reported on a daily basis.
We are querying all computers with routable IPv4 addresses that are not firewalled from the internet on port 6379/tcp with the command "INFO" and capturing the response. We intend no harm, but if we are causing problems, please contact us at gro [tod] revreswodahs [ta] nac ssnd
If you would like to test your own device to see if it has Redis accessible, try the command: "nc [IP] 6379" and type in "INFO" (without the quotes), followed by a carriage return. If Redis is running, expect to see information about the Redis server appear on your screen. If your system does not have the command "nc", it may also be called "netcat".
To be removed from this set of scanning you will need to send an email to dnsscan [at] shadowserver [dot] org with the specific CIDR's that you would like to have removed. You will have to be the verifiable owner of these CIDR's and be able to prove that fact. Any address space that is whitelisted will be publicly available here: https://redisscan.shadowserver.org/exclude.html
Stats from the most current scan are listed below.
(Click image to enlarge)
If you would like to see more regions click here
If you would like us to not scan your network, please let us know and we will remove your networks from the scan.
Likewise, if you have anymore questions please feel free to send us an email at: gro [tod] revreswodahs [ta] nac ssnd