http://arstechnica.com/security/2013/03/guerilla-researcher-created-epic-botnet-to-scan-billions-of-ip-addresses/
By Dan Goodin
Ars Technica
March 20 2013

In one of the more audacious and ethically questionable research
projects in recent memory, an anonymous hacker built a botnet of more
than 420,000 Internet-connected devices and used it to perform one of
the most comprehensive surveys ever to measure the insecurity of the
global network.

In all, the nine-month scanning project found 420 million IPv4 addresses
that responded to probes and 36 million more addresses that had one or
more ports open. A large percentage of the unsecured devices bore the
hallmarks of broadband modems, network routers, and other devices with
embedded operating systems that typically aren't intended to be exposed
to the outside world. The researcher found a total of 1.3 billion
addresses in use, including 141 million that were behind a firewall and
729 million that returned reverse domain name system records. There were
no signs of life from the remaining 2.3 billion IPv4 addresses.

Continually scanning almost 4 billion addresses for nine months is a big
job. In true guerilla research fashion, the unknown hacker developed a
small scanning program that scoured the Internet for devices that could
be logged into using no account credentials at all or the usernames and
passwords of either "root" or "admin." When the program encountered
unsecured devices, it installed itself on them and used them to conduct
additional scans. The viral growth of the botnet allowed it to infect
about 100,000 devices within a day of the program's release. The
critical mass allowed the hacker to scan the Internet quickly and
cheaply. With about 4,000 clients, it could scan one port on all 3.6
billion addresses in a single day. Because the project ran 1,000 unique
probes on 742 separate ports, and possibly because the binary was
uninstalled each time an infected device was restarted, the hacker
commandeered a total of 420,000 devices to perform the survey.

[...]