If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(NBC News)   Hacker maps the Internet. The *whole* Internet   (nbcnews.com) divider line 38
    More: Interesting, internet, Kaspersky Labs  
•       •       •

8476 clicks; posted to Geek » on 21 Mar 2013 at 12:12 PM (1 year ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



38 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread
 
2013-03-21 11:43:23 AM
And much like the satellite picture showing electric lights, note the stark discrepancy between Best and Worst Korea.
 
2013-03-21 11:49:21 AM
I had always wondered how many networks could be infiltrated with username "admin" and password "admin."

The moar you know.
 
2013-03-21 12:16:06 PM
Funny how he stumbled upon another, malicious botnet already residing in the same boxen that he was exploiting.

/DNRTA
//read the actual report
 
2013-03-21 12:29:06 PM
More like inevitable. I can sit on my sailboat in the harbour or walk in a park surrounded by houses and have my pick of unsecured APs that aren't coffee houses or libraries. If I actually tried "admin" and "password" on some of the "secured" ones, I would no doubt find more.

Hell, my router's in the basement right now and two unsecured accounts are available to me right now. It's one of the reasons I make very little use of online banking and shopping: I consider "people" the weakest link and expect sloppiness and naivete to compromise security.
 
2013-03-21 12:29:48 PM
xkcdsw.com
 
2013-03-21 12:29:58 PM
An anonymous researcher used methods commonly employed in malicious hacking to get information on every IP address on the Internet, and has publicly released the results

The entire of IPv6? that must have taken quite a while to do...
 
2013-03-21 12:36:42 PM

xria: An anonymous researcher used methods commonly employed in malicious hacking to get information on every IP address on the Internet, and has publicly released the results

The entire of IPv6? that must have taken quite a while to do...


The whole point of the project is that they get exponential growth in scanning power as the census continues. As your scanners find other unprotected devices they are converted into scanners for your own purposes, and then those scanners will find and convert yet more scanners.

Essentially, they double their scanning power every few minutes or so. The linked paper claims they can scan all of IPv4 in less than an hour.
 
2013-03-21 12:36:46 PM

xria: An anonymous researcher used methods commonly employed in malicious hacking to get information on every IP address on the Internet, and has publicly released the results

The entire of IPv6? that must have taken quite a while to do...


IPv4 only I believe.
 
2013-03-21 12:36:49 PM

Valiente: More like inevitable. I can sit on my sailboat in the harbour or walk in a park surrounded by houses and have my pick of unsecured APs that aren't coffee houses or libraries. If I actually tried "admin" and "password" on some of the "secured" ones, I would no doubt find more.

Hell, my router's in the basement right now and two unsecured accounts are available to me right now. It's one of the reasons I make very little use of online banking and shopping: I consider "people" the weakest link and expect sloppiness and naivete to compromise security.


I set up an unsecured SSID on my wireless network, but I'd be careful about using it to browse anywhere. Especially if you're logged in to Facebook.
 
2013-03-21 12:37:15 PM
China's coast is a hell of a lot more dense than California... I wonder if they truly have that many more machines (from their higher population) or if they just have that many more unsecured machines.
 
2013-03-21 12:39:37 PM

BKITU: And much like the satellite picture showing electric lights, note the stark discrepancy between Best and Worst Korea.


It's because Best Korea has such good internet security, his little trick wouldn't work on them!
 
2013-03-21 12:53:33 PM

Theaetetus: [xkcdsw.com image 740x1076]


tfa's version's prettier
 
2013-03-21 12:53:41 PM
FTFA:hacker found some interesting things, like areas of the Internet that should be empty but aren't


Goddamn lizard people.
 
2013-03-21 12:57:56 PM
Here's a gif posted yesterday on the mapporn subreddit that shows time of day usage totals using what I suppose is this guy's "map" of the internet.
 
2013-03-21 12:58:42 PM

dr.zaeus: Here's a gif posted yesterday on the mapporn subreddit that shows time of day usage totals using what I suppose is this guy's "map" of the internet.


Oh well... let's try this again.

http://internetcensus2012.bitbucket.org/images/geovideo.gif
 
2013-03-21 01:00:39 PM

Valiente: More like inevitable. I can sit on my sailboat in the harbour or walk in a park surrounded by houses and have my pick of unsecured APs that aren't coffee houses or libraries. If I actually tried "admin" and "password" on some of the "secured" ones, I would no doubt find more.


Last year I did a little mapping survey in my town, driving around with a GPS enabled laptop running Kismet.  I estimate at least 30% of APs I logged were using their default SSID (NETGEAR, 2WIRE[model], LinkSys, etc).  I would bet that around 80% of those probably used their default admin password.  It would be sooo easy to script a drive-by attack...
 
2013-03-21 01:06:55 PM
The whole thing?

upload.wikimedia.org
 
2013-03-21 01:11:42 PM
GiantRex
I had always wondered how many networks could be infiltrated with username "admin" and password "admin."


Or try my previous ISP (one of Germany's biggest).
I didn't bother to set a password for the web interface of the modem/router they sent because I noticed that the password would appear as plain text in a Javascript-comment in the login page: right-click, view source, hello password.
Javascript people.
*shakes head*
 
2013-03-21 01:15:35 PM
Thank you subby. That was truly one of the most interesting articles I've ever read. Then I read the paper! I hope that guy is gainfully employed, we need more minds like him (or her).
 
d3
2013-03-21 01:21:12 PM

Fubini: xria: An anonymous researcher used methods commonly employed in malicious hacking to get information on every IP address on the Internet, and has publicly released the results

The entire of IPv6? that must have taken quite a while to do...

The whole point of the project is that they get exponential growth in scanning power as the census continues. As your scanners find other unprotected devices they are converted into scanners for your own purposes, and then those scanners will find and convert yet more scanners.

Essentially, they double their scanning power every few minutes or so. The linked paper claims they can scan all of IPv4 in less than an hour.


IPv6 is big. Like really big.  You just won't believe how vastly, hugely, mind-bogglingly big it is. I mean you may think IPv4 can host a lot of porn sites, but that's just peanuts to IPv6.

So they scanned 2^32 in one hour. That is 7.9x10^28 hours to scan IPv6 at a constant rate. 3.3x10^27 days, 9x10^24 years. If they can double 2^32 each hour they can knock it down to 96 hours to hit every IPv6 address. But starting with 100,000 servers to scan the internet in one hour at 10 probes per second (as stated in their paper but it really is 12 probes/s or a few more than 100,000 servers) you get a million probes per second. To scan IPv6 in one hour you need 9.5x10^34 probes/second or 9.5X10^33 compromised hosts running 10 probes/second. So in reality, you can't scan IPv6 in 96 hours because you can't possibly get enough hosts to double your targets. At least, not until we've used up a considerable chunk of IPv6.
 
2013-03-21 01:26:52 PM
Wow. This is just too nerdy for me to even have anything to say. And I don't mean "nerdy" in the positive, feel-good, "we're taking it back" sense. I mean it in the derogatory pre-1990s sense.

But hey.. Whatever floats your boats, codemonkeys. If it keeps you from dressing up as colorful ponies or Star Trek characters and accosting me at conventions, then go for it.
 
2013-03-21 01:46:20 PM
So it was mostly porn I'm guessing.
 
2013-03-21 01:47:36 PM

Valiente: It's one of the reasons I make very little use of online banking and shopping: I consider "people" the weakest link and expect sloppiness and naivete to compromise security.


When you do your banking and shopping in person, do you expect human risks to be any different?

You hand over your credit card to the human on the other side of the counter, and there it is, data traversing the internet via an encryption system designed by humans.
 
2013-03-21 01:50:53 PM
You mean it's NOT a series of tubes?
 
2013-03-21 01:58:52 PM

offmymeds: You mean it's NOT a series of tubes?


Of course it's tubes.  How do you think the slave computers hijack other computers?  By flushing passwords at them until they overflow.
 
2013-03-21 02:07:28 PM
Whoa *Wake Up ends abruptly with record needle scratch*
 
2013-03-21 02:13:13 PM

jspenguin: The whole thing?

[upload.wikimedia.org image 640x429]


Be careful, Jen.
 
2013-03-21 02:20:52 PM
I'm gonna wait for this to make Slashdot, so the comments are marginally more technical.
 
2013-03-21 02:25:41 PM

dr.zaeus: dr.zaeus: Here's a gif posted yesterday on the mapporn subreddit that shows time of day usage totals using what I suppose is this guy's "map" of the internet.

Oh well... let's try this again.

http://internetcensus2012.bitbucket.org/images/geovideo.gif


That's pretty interesting to see the differences of peak usage. Example is America and Europe. You would think we have similar internet usage habits, but if you pay attention you see that America peaks in the middle of the day, then dies down well before dark hits. Whereas Europe gets large usage by the middle of the day then blows up right before dark before dying. Also it looks as though usage in America stays more constant than Europe, not going as low as Europe does at night, but also not reaching as high during peak times.
 
2013-03-21 02:41:09 PM
"This is most definitely illegal," Roel Schouwenberg, senior researcher at Kaspersky Lab, told NBC News in an email. "Even if the intentions are good, which we have no way of verifying. unauthorized access remains unauthorized access."

I suppose he thinks he's the internet police/
Dude, get you panties out of the wad.

Go hawk your warez to cyprus.
 
2013-03-21 02:42:59 PM

jspenguin: The whole thing?

[upload.wikimedia.org image 640x429]


Does the Hawk know you have that?
 
2013-03-21 02:43:18 PM
 . . . like areas of the Internet that should be empty but aren't,

The average Joe reading this may think that something nefarious is afoot.

The paper actually explains this being that some of the compromised amchines were behind "enforced proxies or provider firewalls" which "rerouted some of the probes to different IPs, leading to false responses."  Therefore, nothing sinister or even worth reporting.

So I suppose Devin Coldewey  of  NBC News just skimmed the paper. Such is Internet journalism nowadays.
 
2013-03-21 02:44:19 PM
Hacker maps the Internet. The *whole* (unsecured) Internet

Not the whole internet, subby, not by a long shot.
 
2013-03-21 02:55:19 PM
Let's see you map the "hole" Internet as well.
i.imgur.com

/please post the results
 
2013-03-21 05:24:26 PM

jspenguin: The whole thing?

[upload.wikimedia.org image 640x429]


Wait...I thought Jen dropped and broke the internet!
 
2013-03-21 05:38:25 PM

woolvy: dr.zaeus: dr.zaeus: Here's a gif posted yesterday on the mapporn subreddit that shows time of day usage totals using what I suppose is this guy's "map" of the internet.

Oh well... let's try this again.

http://internetcensus2012.bitbucket.org/images/geovideo.gif

That's pretty interesting to see the differences of peak usage. Example is America and Europe. You would think we have similar internet usage habits, but if you pay attention you see that America peaks in the middle of the day, then dies down well before dark hits. Whereas Europe gets large usage by the middle of the day then blows up right before dark before dying. Also it looks as though usage in America stays more constant than Europe, not going as low as Europe does at night, but also not reaching as high during peak times.


I once worked at a place that did vacation booking.

Europe had 2 peaks.  One at about 2-3:00 in the afternoon and one at about 6-7 PM.

America had one peak at 1:00 in the afternoon while everyone was at work.  Even the West Coast crowd didn't make a second bump.
 
2013-03-21 05:58:48 PM

Theaetetus: [xkcdsw.com image 740x1076]


internetcensus2012.bitbucket.org

Those damn corporations are hoarding nearly a quarter of IPv4 space.
 
2013-03-22 09:25:55 AM
Excuse me, can you tell me how to get to Pornland?
 
Displayed 38 of 38 comments

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report