These connections are part of a long-term computer science research project at Stanford University. This research involves making a small number of harmless connection attempts to every publicly accessible computer worldwide each day. This allows scientists to measure the global Internet and analyze trends in technology deployment and security.
As part of this research, every public IP address receives a handful of packets on common ports. These consist of standard connection attempts followed by RFC-compliant protocol handshakes with responsive hosts. We never attempt to exploit security problems, guess passwords, or change device configurations. We only receive data that is publicly visible to anyone who connects to a particular address and port.
The data collected through these connections consists only of information that is already publicly visible on the Internet. It helps computer scientists study the deployment and configuration of network protocols and security technologies. For example, we use it to help web browser developers and other software developers understand the impact of proposed protocol changes and security improvements. In some cases, we are able to detect vulnerable systems and report the problems to the system operators.
We publish most of the data we collect for use by researchers worldwide. This data has been the foundation of dozens of peer-reviewed research studies, including:
This research helps the scientific community accurately study the Internet. The data is sometimes used to detect security problems and to inform operators of vulnerable systems so that they can fixed. If you opt-out of the research, you might not receive these important security notifications.
If you wish to opt-out, you can configure your firewall to drop traffic from the subnet we use for measurements: 171.67.70.0/23. If you have further questions, contact research-abuse@cs.stanford.edu.