across IPv4 in 45 minutes ► Detailed research paper with examples ► Development continues at GitHub ► Epic forge-socket support ► http://zmap.io ZMap $ zmap -p 80 -o results.txt
widespread vulnerabilities ► Provide due diligence for vendors & partners ► Market share information for products ► Locate unmanaged corporate assets ► Get a handle on shadow IT Internet Scan Data
worse each time we look ► VxWorks WDBRPC exposure is increasing ► UPnP has shown minimal improvements ► DDNS DDoS is bad enough ► SNMP is worse Security is Getting Worse
value to IT, security, and the business ► Drive research based on quantified exposure ► Build awareness around public networks ► Hold vendors and ISPs accountable ► Provide ammo for legal reform Time for a Change
as of September 10th ► Available as raw certs and parsed IP -> Name pairs ► ~33 million records @ 50 GB ( 16 GB compressed ) ► ~8.6 million unique IP->Name pairs ( 270 MB ) Sonar: Dataset 2 #ScanAllTheThings
internet scan data portal ► Accepting data from third-parties (you!) ► Includes all datasets already mentioned ► Also 18 months of SSL scans! http://scans.io Data Portals & Downloads #GrepAllTheThings?
is probably a vulnerability ► Tens of thousands of systems with duplicates ► We need eyes to actually classify these ► Identify vendors and report Duplicate SSL Certificates #ScanAllTheThings
SSL certificate ► SSL certificates map to domains Cloud services often use customer certificates ► Identify undocumented third-party services ► May find 10%+ more than your IT knows about Asset Discovery (SSL) #ScanAllTheThings
not match, but reverse is still set ► Find routers, modems, old ISP connections ► Find VPS services, rogue partners, and VARs ► Accidentally the whole intel agency Asset Discovery (DNS) #ScanAllTheThings