Internet-wide measurements: past, present and future [NEW: we'll scan during SHA live from Day 1]: Towards a holistic picture of the Internet's infrastructure and it's activity

Presented at Still Hacking Anyway (SHA2017), Aug. 7, 2017, 9:25 p.m. (60 minutes)

This workshop will present past, present and possible future scanning strategies for the IPv4 address space (and beyond), BGP monitoring-, keeping track of AS/IP transitions, data correlation, error detection and globally distributed scanning. The participants will learn about different scanning methodologies (past & presently used), ongoing efforts by researchers, NGOs and RIRs. Next we'll introduce them to the concepts of running their own internet-wide scans and give them the possibility to try out their ideas on-site. ATTENTION: The workshop doesn't require in-depth knowledge, but you should be familiar with Bash or Python scripting, Linux and TCP/IP basics. SCANS DURING SHA2017: from day 1 until and after the workshop we will run IPv4-wide scans (among others) live on the internet via the SHA2017 uplink. You may participate on-site or remotely by submitting scans/ideas to `shascan@azet.org` - more details and collaboration via this document: https://gist.github.com/azet/54862407b7af1c2813e590ead83f7553 The presenter has been involved in internet-wide scanning for the past ~3 years and has co-authored several publications as a result of their scanning activity. But it's time to merge scanning efforts and take a step back to critically analyze our current scanning strategies, their longevity and reflect on the data - as well as ethical and privacy related questions - they yield.

Presenters:

  • Aaron Zauner / azet as Aaron Zauner (azet)
    10+ years of engineering. Has seen the fallacies of distributed computing. Still enjoys working and researching in the industry. Loves tuning, scaling and securing of distributed systems - building on and contributing to great Free & Open Source Software. Above all: getting to meet brilliant people, exchange ideas and work on exciting projects all the time! I am self-employed and primarily do engineering work, consulting and research on IT Infrastructure Architecture, Operations & Development, Applied Cryptography, High Performance Computing and Information Security. I've held talks on DevOps, HPC and Security related topics at various venues - from local meetups to internationally recognized conferences. Publications: https://scholar.google.com/citations?user=pMyYN5wAAAAJ

Links:

Similar Presentations: