University of Michigan and Google Are Mapping the Entire Known Web with Censys
Logging onto a terminal in 2015, it’s easy to forget what the Internet actually is: a massive, massive macro version of your home network. If you’ve got a phone and a computer connected to the web, that’s technically three devices, counting the router.
Now multiply that many billions of times, and you’ve got the number of addresses that the Censys project is aiming to track, though not for arbitrary reasons. Rather, Censys is scanning the known web for security vulnerabilities, at least the obvious kinds that system administrators should know about.
The infrastructure for Censys, which is a University of Michigan project, is being provided by Google. The project has already aided researchers in discovering millions of unsecured Internet of Things devices, as demonstrated by SEC Consult earlier this month. Right now, you can go to Censys and type in your home IP address to see if you, personally, have any devices broadcasting publicly. In many cases, this is just not possible due to default router configuration by ISPs. But if you run a website, the service may be more useful. As you can see from the screenshot below, Censys is able to provide some information about Hacked.com, but displays no obvious vulnerabilities in our system.
But searching for vulnerabilities is not the primary focus of Censys, as the name “Censys” implies. A census is a way that governments and large organizations can understand all the elements which fall within them. Using three core data collection tools – ZMap, ZGrab, and ZTag – Censys trawls all IPv4 addresses as well as the top 1 million domain names. There are obviously more than 1 million domain names in the wild, but the world doesn’t rely on even the 1 million that are being tracked. Much of the world’s web traffic actually happens through a very limited number of domains, but that’s another issue.
The primary focus of Censys is to know as much about the web as possible, which, in a security sense, can mean understanding how large a problem could possibly be. Since ZMap enables Censys to know the encryption situation of each device it pings, along with other details, a researcher who has discovered a flaw will now have a new way to determine its possible extent.
Shodan has been a leader in the large-scale vulnerability-finding space for some time, but Zakir Durumeric told the MIT Technology Review that Censys has significantly better coverage and fresher data. Shodan’s CEO John Matherly told the same publication that it wasn’t much different, if any, and that Shodan uses more techniques for probing IP addresses than does Censys at present. In any case, both efforts offer researchers an easy way to probe the web for vulnerabilities to patch or exploit, but one is economically free and the other is for-profit. Do note that you will need to create an account at Censys if you decide to do more than five searches in a given day.
Chances are, and history has shown, that there is room in the market for both efforts, but that professionals will continue to use the things they know to be reliable. Censys could rise up to overshadow Shodan, or it could live a short and quiet life inside a research laboratory at the University of Michigan, one of Google’s many forgotten almost-projects. But given the use it’s already had, it seems Censys is here to stay.