这篇文章本来是转载的,来源于之前的一篇关于僵尸网络的报道(利用42万僵尸节点创建出的全球IPv4地图)但是由于某人另外看到了一些资料,所以大概混在一起转了。

ps. 看了这个以后才发现组建一个botnet是如此的简单,做安全的,应该把思路打开,不能仅仅局限于各种理论和以前书本上学的东西。不少东西,看似简单,而威力却无穷。

Port scanning /0 using insecure embedded devices

From: “internet census” <internetcensus2012 () mail com>
Date: Sun, 17 Mar 2013 19:54:03 -0400

---------------------  Internet Census 2012  ---------------------

-------- Port scanning /0 using insecure embedded devices --------

-------------------------  Carna Botnet  -------------------------

While playing around with the Nmap Scripting Engine we discovered an amazing 
number of open embedded devices on the Internet. Many of them are based on 
Linux and allow login to standard BusyBox with empty or default credentials. 
From March to December 2012 we used ~420 Thousand insecure embedded devices 
as a distributed port scanner to scan all IPv4 addresses. 
These scans include service probes for the most common ports, ICMP ping, 
reverse DNS and SYN scans. We analyzed some of the data to get an estimation 
of the IP address usage. 

All data gathered during our research is released into the public domain for 
further study. The full 9 TB dataset has been compressed to 565GB using ZPAQ 
and is available via BitTorrent. The dataset contains:
- 52 billion ICMP ping probes
- 10.5 billion reverse DNS records
- 180 billion service probe records
- 2.8 billion sync scan records for 660 million IPs with 71 billion ports tested
- 80 million TCP/IP fingerprints
- 75 million IP ID sequence records
- 68 million traceroute records


This project is, to our knowledge, the largest and most comprehensive 
IPv4 census ever. With a growing number of IPv6 hosts on the Internet, 2012 
may have been the last time a census like this was possible. A full documention, 
including statistics and images, can be found on the project page.

We hope other researchers will find the data we have collected useful and that 
this publication will help raise some awareness that, while everybody is talking
about high class exploits and cyberwar, four simple stupid default telnet 
passwords can give you access to hundreds of thousands of consumer as well as 
tens of thousands of industrial devices all over the world.

No devices were harmed during this experiment and our botnet has now ceased its 
activity.

Project Page:
 http://internetcensus2012.bitbucket.org/
 http://internetcensus2012.github.com/InternetCensus2012/
 http://census2012.sourceforge.net/

Torrent MAGNET LINK:
 magnet:?xt=urn:btih:7e138693170629fa7835d52798be18ab2fb847fe&dn=InternetCensus2012&tr=udp%3a%2f%2ftracker.openbittorrent.com%3a80%
 2fannounce&tr=udp%3a%2f%2ftracker.ccc.de%3a80%2fannounce&tr=udp%3a%2f%2ftracker.publicbt.com%3a80%2fannounce

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

ps2.另外最近有些感触,国内安全圈子水很深,慎入!