Petronella Blog Archive

Visit our New Blog

Who is Scanning Whom?

Blog Post

Are you worried about people scanning your network? Only hackers looking for vulnerabilities do that, right?  That's not the case anymore.

Nowadays, yes, there are still plenty of ne'er-do-wells still scanning your ports for a way to get into your network and do some damage, but a lot of them are much more benign.  In fact, a lot of research is being done by scanning networks.  One such project is scans.io, run by the ZMap team at the University of Michigan in Ann Arbor, which scans networks to gather and share information.  The potential things researchers can learn from the information the team gathers is vast.

One of the things they have researched dealt with the Heartbleed bug.  Taking information form the scans, they were able to send vulnerability notices, which led to an 50% increase in the number of people who applied patches to fix the problem.

Going forward, scans.io hopes to help alert and notify more systems of vulnerabilities as well as seeing how the "Internet of Things" shakes out.  One team member noted that each time they look at another protocol, they see different trends and patterns of behavior to analyze.  The wealth of knowledge to be gained from scanning networks is immense, even for the good guys.