A new method has been developed by researchers from the University of Michigan, allowing the entire Internet to be scanned in under an hour.
The open-source network scanner called ZMap, has been created to expose vulnerabilites in networks, develop appropriate defense mechanisms and conduct more efficient research. Normally these tasks can take months to perform but ZMap is able to survey every IP address on the Internet in about 45 minutes, all from a single machine.
Nmap is the current method used for network scanning. It sends individual signals to each IP address and waits for a reply, whilst putting together all the information it has received from the networks contacted. Quite a long-winded process then.
ZMap sends out requests too but it also encodes the outgoing request with identifying information, so when it returns the machine can decode the requests. It doesn’t keep a list of outstanding requests, making it alot quicker. The Washington Post explains that “the lower overhead of this approach allows ZMap to send out packets more than 1,000 times faster than Nmap.”
This new method could prove vital in helping researchers in the future, as was shown when it was used to find out how many people were affected by Hurricane Sandy. During a hurricane, computers are knocked offline. ZMap was able to quickly scan how many computers were affected by Hurricane Sandy, giving real-time data.
As with any new technology the concern over privacy has been raised, but in response to this ZMap’s creators said, “It should go without saying that scan practitioners should refrain from exploiting vulnerabilities or accessing protected resources, and should comply with any special legal requirements in their jurisdictions.”
The open-source network scanner called ZMap, has been created to expose vulnerabilites in networks, develop appropriate defense mechanisms and conduct more efficient research. Normally these tasks can take months to perform but ZMap is able to survey every IP address on the Internet in about 45 minutes, all from a single machine.
Nmap is the current method used for network scanning. It sends individual signals to each IP address and waits for a reply, whilst putting together all the information it has received from the networks contacted. Quite a long-winded process then.
ZMap sends out requests too but it also encodes the outgoing request with identifying information, so when it returns the machine can decode the requests. It doesn’t keep a list of outstanding requests, making it alot quicker. The Washington Post explains that “the lower overhead of this approach allows ZMap to send out packets more than 1,000 times faster than Nmap.”
This new method could prove vital in helping researchers in the future, as was shown when it was used to find out how many people were affected by Hurricane Sandy. During a hurricane, computers are knocked offline. ZMap was able to quickly scan how many computers were affected by Hurricane Sandy, giving real-time data.
As with any new technology the concern over privacy has been raised, but in response to this ZMap’s creators said, “It should go without saying that scan practitioners should refrain from exploiting vulnerabilities or accessing protected resources, and should comply with any special legal requirements in their jurisdictions.”