HD Moore Scans the Entire Internet and Finds Vulnerabilities #rsac
Page 1 of 1
There is no shortage of research releases at the RSA 2013 security conference. Yet one piece of research stands alone, above all others by virtue of the sheer audacity of the undertaking. HD Moore, celebrated hacker, founder of the open source Metasploit framework and CISO at Rapid7, scanned the *entire* Internet in an effort to find security flaws.
Not everyone was pleased to have Moore scanning their IP ranges, and he said he got approximately 3,000 abuse reports about his scans. The critical.io Web page provides information about Moore's effort and includes contact information for site owners to opt out of the scan.
In total, 100 million IPs were excluded via opt-out, which only represents approximately 2.6 percent of all the addresses scanned.
"I identified 310 million unique IPs over 12 months," Moore said. "10 CVEs for vulnerabilities have been published so far and there are still a few dozen vulnerabilities in the queue."