ZMap: Fast Internet-wide Scanning and Its Security Applications
نویسندگان
چکیده
Internet-wide network scanning has numerous security applications, including exposing new vulnerabilities and tracking the adoption of defensive mechanisms, but probing the entire public address space with existing tools is both difficult and slow. We introduce ZMap, a modular, open-source network scanner specifically architected to perform Internet-wide scans and capable of surveying the entire IPv4 address space in under 45 minutes from user space on a single machine, approaching the theoretical maximum speed of gigabit Ethernet. We present the scanner architecture, experimentally characterize its performance and accuracy, and explore the security implications of high speed Internet-scale network surveys, both offensive and defensive. We also discuss best practices for good Internet citizenship when performing Internet-wide surveys, informed by our own experiences conducting a long-term research survey over the past year.
منابع مشابه
Zippier ZMap: Internet-Wide Scanning at 10 Gbps
We introduce optimizations to the ZMap network scanner that achieve a 10-fold increase in maximum scan rate. By parallelizing address generation, introducing an improved blacklisting algorithm, and using zero-copy NIC access, we drive ZMap to nearly the maximum throughput of 10 gigabit Ethernet, almost 15 million probes per second. With these changes, ZMap can comprehensively scan for a single ...
متن کاملInternet-wide Scanning Taxonomy and Framework
Industrial control systems (ICS) have been moving from dedicated communications to switched and routed corporate networks, making it probable that these devices are being exposed to the Internet. Many ICS have been designed with poor or little security features, making them vulnerable to potential attack. Recently, several tools have been developed that can scan the internet, including ZMap, Ma...
متن کاملRole and Application of RFID Technology in Internet of Things: Communication, Authentication, Risk, and Security Concerns
The Internet of Things (IoT) is a very encouraging and fast-growing area that brings together the benefits of wireless systems, sensor networks, actuators, etc.A wide range of IoT applications have been targeted and several aspects of this field have been identified to address specific issues, as well as technologies and standards developed in various domains such as in radio frequency id...
متن کاملEnumerating Active IPv6 Hosts for Large-scale Security Scans via DNSSEC-signed Reverse Zones
Security research has made extensive use of exhaustive Internet-wide scans over the recent years, as they can provide significant insights into the overall state of security of the Internet, and ZMap made scanning the entire IPv4 address space practical. However, the IPv4 address space is exhausted, and a switch to IPv6, the only accepted long-term solution, is inevitable. In turn, to better un...
متن کاملBeyond Internet Scanning: Banner Processing for Passive Software Vulnerability Assessment
Nowadays, the increasing number of devices and services that require a direct Internet access, creates new security challenges. These challenges need to meet user feature-based requirements with the companies’ restrictive security policies. Therefore, security administrators need to adopt novel tools in order to quickly and non-intrusively verify the degree of exposure of Internet-facing servic...
متن کامل