Who Watches the Watchers?: Understanding the Internet's Background Noise

BSidesLV 2018

Presented by: Curt Barnard
Date: Tuesday August 07, 2018
Time: 14:00 - 14:55
Location: Ground Floor

The instant a device is connected to the internet, it gets scanned and interrogated for open ports, software versions, and default passwords. Who conducts these scans? Why? What kind of attacks will you see? The days of mass exploitation are upon us. When every device is connected, a new paradigm for mass exploitation emerges. Vulnerabilities, specifically in core computing components, linger for decades. Many White Hat organizations scan IPv4 constantly to assess the potential impact of a vulnerability or to understand the shifting technology landscape, while less reputable actors scan for more nefarious purposes. We will explore the economics of simple port scans at scale and the associated costs for enthusiasts and enterprises.

There are a number of insights you can gain into the systems and tools being used to conduct these scans. From Masscan to Zgrab to AutoSploit, internet scanning tools are prevalent and can reveal patterns of threat behaviors. Anyone in cybersecurity should be aware of how these tools work, what they reveal, and what threats they can uncover.

To visualize internet scans, a demonstration of “Internet Radio” will show scans converted into music. This allows visitors to “hear” the background noise of the internet in real time.

Curt Barnard

