Internet-wide Scanning

From SHA2017 Wiki
Revision as of 18:08, 6 August 2017 by Azet (talk | contribs)

Jump to: navigation, search

Internet-wide Scans @ SHA2017

General Information

We're doing live internet-wide scans utilising the available bandwidth and peerings that SHA2017 will provide. We have a machine on-site that can also be accesses remotely and a workshop on the 7th (may change) regarding these scans and the topic in general. You may participate and submit scans. Please do this as described in the GitHub document below (https://gist.github.com/azet/54862407b7af1c2813e590ead83f7553)!

We're setting up infrastructure to utilize the available bandwidth at the SHA2017 hacker camp in the Netherlands. Participation is more than welcome! This doesn't mean you have to be at the camp physically -- you may suggest scanning proposals/ideas (see below) & do your research remotely via ssh(1) or have someone implement and run your idea at the camp. There will be a workshop on internet-wide scanning - we'll present our results and teach willing participants what we know, have learned scanning the internet in the past, from others and during the camp. We will also let the participants run their own scans -- if we feel they're valuable, ethical and non-disruptive. Full attribution (professional, academic & otherwise) will go to the original authors of ideas and implementers of scans run during SHA2017 and developed at the mentioned workshop! We should not even have to mention this fact - as this should be the norm (hey there, academia!).'

Participate & Submit Scans

More information and participation via this GitHub document (take a look at the comment-section as well): https://gist.github.com/azet/54862407b7af1c2813e590ead83f7553

Ongoing Scans (not updated in real time!)

RoCEv2_started-Sat,_05_Aug_2017_22:51:25_+0000 SCTP_many_ports_started-Sat,_05_Aug_2017_23:07:56_+0000 chargen-p19-auth:BenBE_started-Sat,_05_Aug_2017_20:50:45_+0000 dns_started-Sat,_05_Aug_2017_21:01:17_+0000 elasticsearch-9300-cluster_started-Sat,_05_Aug_2017_20:23:32_+0000 elasticsearch_started-Sun,_06_Aug_2017_15:33:34_+0000 ftp_started-Sat,_05_Aug_2017_03:40:55_+0000 gprs_tunneling_started-Sun,_06_Aug_2017_15:27:23_+0000 http_started-Sat,_05_Aug_2017_02:02:50_+0000 https_2_started-Sat,_05_Aug_2017_02:49:55_+0000 https_mass_started-Sat,_05_Aug_2017_13:08:08_+0000 https_padding_oracles_started-Sat,_05_Aug_2017_22:42:30_+0000 https_started-Sat,_05_Aug_2017_01:50:36_+0000 iwarp_started-Sat,_05_Aug_2017_22:49:36_+0000 pop3_started-Sat,_05_Aug_2017_22:39:19_+0000 pop3s_started-Sun,_06_Aug_2017_11:43:55_+0000 sip-many-ports_started-Sun,_06_Aug_2017_15:45:06_+0000 smtp_started-Sun,_06_Aug_2017_15:43:28_+0000 smtps_port-25-Sun,_06_Aug_2017_15:37:41_+0000 smtps_port-465_started-Sun,_06_Aug_2017_15:40:19_+0000 smtps_port-587_started-Sun,_06_Aug_2017_15:42:23_+0000 snmp_started-Sat,_05_Aug_2017_22:58:45_+0000 ssh_started-Sun,_06_Aug_2017_15:29:52_+0000 syslog_started-Sat,_05_Aug_2017_22:44:06_+0000 upnp_ssdp_started-Sun,_06_Aug_2017_15:15:47_+0000 vnc_started-Sat,_05_Aug_2017_23:04:18_+0000 xmpp_started-Sat,_05_Aug_2017_22:53:47_+0000

Emergencies

If there are any real emergencies (network issues, abuse inquiries, et cetera) you may get in contact with "azet" by the following means:

@a_z_e_t (Twitter)

shascan@azet.org (Mail)

azet (IRC - OFTC, Freenode)

azet@jabber.ccc.de (Jabber/XMPP)

Retrieved from "https://wiki.sha2017.org/index.php?title=Internet-wide_Scanning&oldid=10812"