INTERNET SCANNING - CURRENT STATE AND LESSONS LEARNED

After publishing raw data sets and engaging with the community within our Internet Scanning efforts labeled Project Sonar, there were several logical next steps and an endless amount of ideas to follow up on. In the first quarter of 2014, we were implementing databases, search engines, and generic trending features on top of the collected data from the project. Several community members, from students to pentesters and researchers, downloaded the data sets and started analysis on their own or used it for their work.

This talk presents the latest results from our efforts, such as investigative tools that allow for correlation of the data sets and a generic trending database that allows us to monitor security improvements by country or industry type.

At the same time, we will present the next scan types we are publishing and would like to bring attention to the new possibilities. We demo example processing and show how to work with the data.

Last but not least we will visit the latest findings in terms of vulnerabilities and misconfigurations that we came across in the deep corners of the internet. For example we will talk about statistics around the SSL heartbleed vulnerability that can be generated from our datasets.

Presented by