Internet Scanning

The internet is vast, and there are many vulnerabilities that can be exploited by attackers. To defend the internet, we need to map it efficiently. One way to do this is through internet-wide security scanning. By exposing vulnerabilities and tracking the adoption of defensive mechanisms, we can better protect the internet.

ZMap is an open-source scanner designed to scan the entire internet. It is efficient enough to cover the whole IPv4 address range within an hour. The ZMap architecture eliminates local per-connection state and uses a shotgun scanning approach, always sending n probes per host. It scans widely dispersed targets as fast as the networks permit and uses a probe-optimized network stack that sidesteps the inefficiencies of the kernel's TCP/IP stack by generating Ethernet frames directly. Hosts are scanned in a random permutation of the address space that is generated on the fly rather than stored, so the scanner keeps no per-target state. Responses are validated without local per-target state by encoding secrets into mutable fields of the probe packets that have a recognizable effect on the responses.

Compared to Nmap, ZMap is 1300 times faster when scanning one million random hosts. Nmap uses timeouts, whereas ZMap uses no timeouts and keeps no scanning state, which accounts for its better performance over Nmap.

Using internet-wide scanning, researchers have found many widespread vulnerabilities; one of them is weak cryptographic keys. Entropy is what applications such as cryptography rely on for randomness, and a lack of entropy undermines security. Researchers found that two different embedded devices can generate the same public key because of weak entropy. In many Linux-based embedded systems, /dev/urandom is used to generate these keys, and it draws on input pools fed by sources such as the time of boot, keyboard input, and disk access timing. In embedded systems, however, these inputs are unavailable or far more predictable.
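The weak-key finding above is what a defender would check for across a corpus of public keys collected by a scan. The following is an added example, not code from the page or from the ZMap project: it works on constructed RSA moduli (toy-sized primes; real moduli are 2048-bit) keyed by constructed TEST-NET-2 addresses, flags hosts presenting an identical key, and goes one step beyond the text by also running a batch GCD to catch the related low-entropy symptom of two moduli sharing just one prime factor, which factors both keys outright.

```python
"""Audit RSA moduli collected from a scan for low-entropy key generation."""
from collections import Counter
from math import gcd

# Constructed sample: toy 20-bit moduli (real keys are 2048-bit) keyed by
# TEST-NET-2 documentation addresses. .10/.11 share the prime 1009,
# .12/.13 present the identical key, .14 is healthy.
SAMPLE_MODULI = {
    "198.51.100.10": 1009 * 1013,
    "198.51.100.11": 1009 * 1019,
    "198.51.100.12": 1021 * 1031,
    "198.51.100.13": 1021 * 1031,
    "198.51.100.14": 1033 * 1039,
}

def batch_gcd(ns):
    """Return gcd(n_i, product of all other n_j) for every i, using Bernstein's
    product/remainder tree instead of O(n^2) pairwise gcds."""
    levels = [list(ns)]
    while len(levels[-1]) > 1:          # product tree, leaves up to the root
        cur = levels[-1]
        levels.append([cur[i] * cur[i + 1] if i + 1 < len(cur) else cur[i]
                       for i in range(0, len(cur), 2)])
    rems = levels.pop()                  # root: product P of every modulus
    while levels:                        # remainder tree, root down to leaves
        cur = levels.pop()
        rems = [rems[i // 2] % (cur[i] ** 2) for i in range(len(cur))]
    # rems[i] = P mod n_i^2 = n_i * (Q_i mod n_i), so divide out n_i first
    return [gcd(n, r // n) for n, r in zip(ns, rems)]

def audit_moduli(moduli):
    """Classify each host's modulus as ok, duplicate, or shared-factor."""
    hosts = list(moduli)
    ns = [moduli[h] for h in hosts]
    seen = Counter(ns)
    findings = {}
    for host, n, g in zip(hosts, ns, batch_gcd(ns)):
        if g == 1:
            findings[host] = ("ok",)
        elif g == n:
            # whole modulus shared: identical key on another host, or both
            # primes leaked to different hosts; either way the key is known
            findings[host] = ("duplicate",) if seen[n] > 1 else ("fully-shared",)
        else:
            p, q = sorted((g, n // g))   # one common prime factors the key
            findings[host] = ("shared-factor", p, q)
    return findings
```

Running audit_moduli(SAMPLE_MODULI) reports the two shared-factor hosts with their recovered primes, the two duplicate-key hosts, and the healthy host as ok.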

The poor generation of public keys in embedded systems is a significant security concern. To address it, the entropy sources available to embedded systems need to improve. One solution is to use hardware-based random number generators, which provide a higher level of entropy. Another is to use a trusted platform module (TPM), a hardware chip that can generate and store cryptographic keys.