

Internet Census 2012: Port scanning /0 using insecure embedded devices - tdrnd
http://census2012.sourceforge.net/paper.html

======
dmckeon
This appears to be a white-hat effort using von Neumann replication and poorly
secured telnet ports to build "a distributed port scanner to port scan the
entire IPv4 Internet within one hour."

"We hope other researchers will find the data we have collected useful and
that this publication will help raise some awareness that, while everybody is
talking about high class exploits and cyberwar, four simple stupid default
telnet passwords can give you access to hundreds of thousands of consumer as
well as tens of thousands of industrial devices all over the world."

This is a well-written report, with great mapping and images, and the research
is very likely reproducible. Pro-active ISPs and companies might do well to
scan their own IP ranges, before some other entity does it for them.

Reading it reminds me of the way that diseases brought by explorers affected
indigenous populations lacking antibodies.

