Impressive Achievement
Congrats.
Researchers at the University of Michigan have developed a new tool that allows a single server with a gigabit Ethernet port to scan the internet so quickly that it can map 98 per cent of the world's IPv4 connections in under 45 minutes. Mapping internet nodes is nothing new – companies and researchers have been doing it for …
Impressive indeed. Good job ipv6 is on the way. For the same trick there I estimate it would take a little over 6,000 years to complete the scan. Having said that I bet you can't achieve the same optimisations with ipv6: addresses are longer so packet size limitations kick in earlier. Call it 9,000 years ... ish. I'll be dead and gone to a better place before that becomes a problem I need to worry about :-)
There is absolutey no doubt that a dark version of this tool will spring up as fast as an Interweb-Zuck-Meme.........
The daring virus, malware, spammer etc won't have to wait hours or days for meaningfull results, instead they will only be waiting minutes..... I hear a distant bell ringing "Moore's Law" doesn't only apply to IC, it also appears to apply to many different technologies/ideas.
Encoding the details in the returned packet, simple and very clever...... Kudos to the researchers.
And what would they do with the data? You could find all the SMTP servers, but you don't know what domains it serves or even if its just an exit server for someone's email system with the entrance being hosted by a third party.
You could do a reverse look-up on the IP address that respond, but you'll only end up with their external host-names so service providers' server wouldn't match what they host. The easier thing to do would be to just query DNS with a big list of domains and setting the type to MX.
Couldn't one design software which found unpatched computers, and patched them?
Yeah, I realize this is a horrible, shame on me, privacy violation, don't hack my computer kind of thing, but fuck it, there's still XP machines which doesn't even have service pack 1 out there. A tool which automatically turned on updates on old forgotten junk would be a boon to humanity. It would be like forcing new age parents to vaccinate their kids.
I think (before they got borged by plusnet or whoever it was) Metronet used to do this or something very similar...blackholed your connection so you could get to AV vendors & a few other sites and stopped you communicating with anything else...I think they also had network level content filtering (that you had to opt in to fwiw)...I guess their admins were just a few years ahead of their time.
de-route them until patched
Dear user,
We have determined that your PC's patch status is: ERR-UNKNOWN-OS.
Please download the appropriate updates from NULL-RECORD-ENCOUNTERED.
Once you do so, we will reinstate your internet connection, for a modest fee.
Please e-mail us with any questions. Have a nice day!
....there are still people out there hanging on to their XP machines for irrelevant or just plain silly reasons, such as preferring the colour of the start menu/not liking the search bar in the start menu - whatever. Non technical reasons, IE not something like having no choice but to run legacy software (can't upgrade versions to suit a new host OS etc).
August 2014, a hole is discovered in NT5/6 that allows an attacker to run a remote shell on a vulnerable platform that grants file system access - the ability to save files to that machine.
Vista, 7 and 8 get patched.
Xp does not.
Within the space of a few hours, hundreds of 'innocent' unpatched XP machines are hosting illegal materials (choose your own type), completely out in the open, and in a manner that effectively cannot be policed as 99.99% of the hosting the material will genuinely not have been aware of what as happened, never mind how to prevent against it. Within a day, it's hundreds of *thousands*. At this point, it *is* impossible to police.
How unrealistic am I being? I fear, not massively...
@Steven Raith
Why are we waiting until August 2014?
Did you miss the bit where 20% of the Internet is vulnerable to an exploit published in January.
Availability of patches only helps if you actually patch. The morons who think it's fine to have an Internet facing XP box late next year will be the same morons not bothering to patch it now.
I completely agree, but as of April, if something comes out that gets patched in newer OSs, it just won't be in XP, hence the use of next august as a worst case scenario for the situation.
I've been a bit 'meh' about patching my few remaining Windows instances (although I'm generally on top of my routers and internet facing appliances for obvious reasons). Um...not any more.
Steven R
In the UK, possession of child porn is a strict liability offence, so it doesn't matter if the host is genuinely unaware, they're still guilty.
So it's the offense you can have someone else commit on your behalf, without their consent or knowledge? That's a pretty harsh penalty for cluelessness.
@ DijitulSupport - glad to see you are on the same wavelength as me.
Plrndl - boom, headshot - exactly what I was inferring, and completes my point about the ability to enforce the laws we've written up around it.
If a not insignificant proportion of computer users suddenly find 'awful pictures' on their computers, how precisely are the police/CPS going to handle it? After all, we've had it beaten into us that ANYONE WHO LOOKS ASKANCE AT ANYTHING VAGUELY RESEMBLING A CHILD IN A SEXUAL MANNER IS TO BE BURNED AT THE STAKE WITHOUT TRIAL. I'm all for strong sentencing for CP offenses, but this just shows how useless a strict liability law can be. It's all very well when it's, perhaps, a few dozen people a year getting hacked and used a proxy for illegal materials - and having it discovered, go through the courts etc. But what happens when that number increases by several orders of magnitude, in the space of a few weeks?
What are they going to do? Put 10,000 pensioners (reasonably conservative potential number/likely victims due to knowing nowt about IT security/patching for the most part) on the sex offenders register?
This is a bigger problem than is being made out, I fear. And it's not like it's being made out to be a minor inconvenience.
This is a fucking game changer.
Excuse any odd typos - I've just eaten about a kilo of pork and I'm having the meat sweats. Yummy meat sweats.
Steven R
That Win98 PC isn't a forgotten old piece of junk. It's a vital piece of equipment handling a critical testing process. Getting the programming rewritten, and new hardware for it will cost millions of dollars. Oh, and did I mention it's running the pressure testing on the containment structure? So rebooting it at a random time could be exceedingly dangerous.
OK, so actually in the instance I'm thinking of you'd never get to patch it because it never touches the internet. But that doesn't stop the security gestapo from wanting to patch it.