
Scanning (and some other no-tech hacking) - PowerPoint PPT Presentation



  1. Scanning (and some other no-tech hacking)

  2. Today’s Class
     • Scanning the Internet for research
     • Scanning the Internet for “research”
     • Other no-tech hacking

  3. Definitions:
     • domain name:
       • google.com
       • unm.edu
       • a registrable entity on the web under the control of a single entity or organization
     • domain registrar:
       • an entity that domains are registered with
     • domain registry:
       • an entity that maintains a list of all domains that are registered with a top level domain
     • top level domain (TLD):
       • COM
       • EDU
       • The top level of the domain name system

  4. Definitions
     • Domain Name System (DNS):
       • a system that maps domain names to IP addresses
     • IP address:
       • a routable address on the Internet
     • Name server:
       • A server that maps domains to IP addresses

  5. Definitions
     • Hosting Provider:
       • Has some servers.
       • Responsible for some IP addresses
     • AS:
       • Autonomous system
       • Routes a group of IP addresses on the Internet

  6. Whois

  7. How to Measure the Internet?

  8. How to Measure the Internet?
     • Number of domain names?
       • unm.edu -> cs.unm.edu, www.unm.edu, etc.
     • Number of IP addresses?
       • One IP address might be multiple devices (NAT)
     • other?

  9. Why?
     • To see how big it is
     • To see how influential it is
     • To see how insecure it is
     • To see where the insecurities lie

  10. • Google indexes a big part of the web.
      • Google search has a bunch of advanced search operators.
      • We can use them to find more than just pug pictures.
      • https://www.exploit-db.com/google-hacking-database/

  11. Shodan
      • “The search engine for the web”
      • https://www.shodan.io/

  12. Scanning for research
      • https://scans.io/
      • Looks for information related to various insecure events or potential insecurities.

  13. TLS
      • TLS/SSL:
        • Transport Layer Security / Secure Sockets Layer
        • encrypts messages

  14. TLS

  15. Heartbleed
      • Bug in the heartbeat extension of the OpenSSL implementation of TLS
      • https://xkcd.com/1354/
      • http://heartbleed.com/
      • https://filippo.io/Heartbleed/

  16. Measuring Patch Rate

  17. Comparison to Debian PRNG patch rate

  18. Experiments
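
An added example for slide 8, "How to Measure the Internet?" (not part of the original slides): the same constructed dataset counted as hostnames, registrable domains and IP addresses gives three different sizes. The sample observations and the small `PUBLIC_SUFFIXES` set are assumptions standing in for real scan data and the Public Suffix List.

```python
from collections import defaultdict

# Constructed sample: (hostname, IP) pairs as a scan or DNS dataset might
# report them. 192.0.2.0/24 and 198.51.100.0/24 are documentation ranges.
OBSERVATIONS = [
    ("unm.edu", "192.0.2.10"),
    ("www.unm.edu", "192.0.2.10"),
    ("cs.unm.edu", "192.0.2.11"),
    ("google.com", "198.51.100.5"),
    ("www.google.com", "198.51.100.5"),
    ("mail.example.co.uk", "198.51.100.9"),
    ("WWW.Example.co.uk.", "198.51.100.9"),
]

# Assumption: a tiny stand-in for the Public Suffix List, which real
# measurements use to find the label where registration happens.
PUBLIC_SUFFIXES = {"com", "edu", "uk", "co.uk"}


def normalize(hostname):
    """Lowercase and drop the trailing root dot so duplicates collapse."""
    return hostname.strip().lower().rstrip(".")


def registrable_domain(hostname):
    """Return the longest public suffix plus one label, or None."""
    labels = normalize(hostname).split(".")
    for i in range(len(labels)):  # longest candidate suffix first
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            # i == 0 means the name is itself a suffix (e.g. "co.uk").
            return ".".join(labels[i - 1:]) if i > 0 else None
    return None


def measure(observations):
    """Count one dataset three ways: hostnames, domains, IP addresses."""
    hosts, ips = set(), set()
    by_domain = defaultdict(set)
    for name, ip in observations:
        hosts.add(normalize(name))
        ips.add(ip)  # NAT is invisible here: one IP may hide many devices
        by_domain[registrable_domain(name)].add(normalize(name))
    return {"hostnames": len(hosts), "domains": len(by_domain),
            "ips": len(ips), "by_domain": dict(by_domain)}


if __name__ == "__main__":
    print(measure(OBSERVATIONS))
```
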
