These connections are part of a new IT security research project at the Swedish Defence Research Agency (FOI). This research involves regularly making a small number of harmless connection attempts to every publicly worldwide accessible computer. This allows our researchers to measure the global Internet and analyze technology and security.
As part of this research, every public IP address receives a handful of packets per day on a selection of common ports. These consist of standard connection attempts followed by RFC-compliant protocol handshakes with responsive hosts. We only receive data that is publicly visible to anyone who connects to a particular address and port.
The data collected through these connections consists only of information that is already publicly visible on the Internet. It helps our researchers study the deployment and configuration of network protocols and security technologies. For example, we use it to help web browser developers and other software developers understand the impact of proposed protocol changes and security improvements. In some cases, we are able to detect vulnerable systems and report the problems to the system operators.
If you wish to opt-out, you can configure your firewall to drop traffic from the host we use for the scans: 37.233.77.228
If you have further questions about this research, please contact mats.persson@foi.se.