Internet Auditing Project

From: Elias Levy (aleph1at_private)
Date: Fri Aug 13 1999 - 09:11:53 PDT

    I believe this will be of interest to everyone. Recently Security Focus
    received an essay for the Guest Feature forum that discusses a project
    by a group of people that performed a security scan of most of the
    Internet. To my knowledge this is a first (at least publicly). They
    scanned over 36 million hosts. The results are very interesting. They
    have also made the source code of their scanner, BASS, available for
    download.
    
    Here is their announcement:
    
    
    PRESS RELEASE - The Internet Auditing Project
    
    Aug 13 - SSR, an independent security research group, have recently
    released a memorandum of the Internet Auditing Project, describing the
    group's efforts to scan over 36 million (circa Jan 1999) Internet hosts
    (including its sensitive military, government and private networks)
    for commonly known remote security vulnerabilities.
    
    The article is written in full-disclosure HOWTO form, supplying the
    reader with everything he needs to know to repeat the scan on his own
    (wheels, map and the road), with relatively few resources, including
    the special-purpose bulk auditing software developed for the project.
    
    It offers several unique, interesting insights on the gloomy state of
    computer security on the Internet, touches on hacker culture, and
    in-between describes the group's encounter with counterprobes, angry
    e-mails, threatening lawyers (with relevant legal commentary), a
    crippling denial of service attack and even an Unidentified Cracking
    Object (UCO!) which successfully attacked and penetrated [part of] the
    group's networks with spine-chilling sophistication.
    
    The IAP's results? Grim:
    
            "... immediately threaten the security [...] of many millions of
             systems in commercial, academic, government and military
             organizations ..."
    
    And even...
    
            "We were stunned to find just how many networks you would expect
             to be ultra secure were wide open to attack. Banks, billion
             dollar commerce sites, computer security companies, even nuclear
             weapon research centers!"
    
    Its implications? Grimmer, suggesting an immediate present and future
    threat to the world's largest and most significant information technology
    infrastructure.
    
    (Holy smoke! So what do we do?!)
    
    The article introduces a viable solution, in the form of the "International
    Digital Defense Network" (IDDN). An ambitious proposal for a public interest
    project which could dramatically influence the security of the Internet (for
    the good!), and resolve many of the most serious problems covered in the
    article.
    
    The article is available as a guest feature (the first) on
    www.securityfocus.com (the good people hosting Bugtraq) at:
    http://www.securityfocus.com/templates/forum_message.html?forum=2&head=32&id=32
    
    BASS, the Bulk Auditing Security Scanner developed for the project has also
    been released and is free for download at
    http://www.securityfocus.com/data/tools/network/bass-1.0.7.tar.gz
    
    Seek the wisdom.
    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:56:07 PDT