What is the source network for security scans conducted by ISO?

All Information Information Security Office scanning is initiated from the following subnet:

Scanning will be initiated only from IP addresses with DNS hostnames in the "security.berkeley.edu" subdomain. All ISO scanners have hostnames that reflect their role, such as "sns-campus-scanner-1.security.berkeley.edu".

If you detect scanning activity and are unsure if an ISO scanner is the source, please contact security@berkeley.edu for verification.