Skip to main content

Take a snapshot of the entire internet in just 44 minutes with ZMap scanner

Take a snapshot of the entire internet in just 44 minutes with ZMap scanner

Share this story

ethernet cable_1020
ethernet cable_1020

Surveying every IP address on the internet isn’t an easy task, and if you don’t have the luxury of a botnet, a single scan can take months. Luckily, some researchers at the University of Michigan have created an open source alternative called ZMap that can cut the total time to under 45 minutes on a mid-range computer with a gigabit connection, bringing the speed of the scan to within a hair of the theoretical maximum.

"Over 1300 times faster"

Not only is it an impressive technical achievement, the app enables surveys that until recently would have been inordinately expensive or altogether unfeasible. "Experimentally, we find that ZMap is capable of scanning the IPv4 public address space over 1300 times faster than the most aggressive Nmap default settings," writes the team in a recent research paper.

Graph

The computer scientists are still working on potential applications, but the Washington Post looks at a couple of interesting ones that the team has already explored. Looking into the use of encryption online, the researchers found that the use of the encrypted HTTPS protocol (the blue line above) grew 20 percent over the past year, and that 86 percent of certificates were signed by just 10 institutions, 31 percent by GoDaddy alone. The team also used ZMap to find vulnerable hosts using weak encryption keys, search for hidden services on the Tor network, and track service disruptions during Hurricane Sandy — a visualization of which is pictured below.

Map

Rather than rely on managing individual sessions with all of the hosts it’s trying to reach, ZMap pings each one a fixed number of times, pumping out probe packets as fast as the connection allows — what the team calls "shotgun scanning." The tricky business of tracking which hosts respond is made possible by encoding details about the hosts inside the probe packets, producing a measurable effect on the responses. The technical side of things is understandably complicated, but as long as you have access to a gigabit connection and know your way around the command line, you can download ZMap at the link below and try it out for yourself.