Comment on Do bots/scrapers check uncommon ports?
Cyberflunk@lemmy.world 2 weeks ago
Read up on shodan.io. bot networks and scrapers can use the database as a seed to find open ports.
The cli massscan can (under reasonable conditions) scan the the entire ipv4 address space for a single port in 3 minutes. It would take an estimated 74 years for massscan to scan all 64k ports for the entire ipv4 network.
So, using a seed like shodan, can compliment scanners/scrapers to isolate ip addresses to further recon.
I honestly don’t know if this helps your question, I don’t actually know, but I’ve written a lot of scanning agents (not ai, old school agents) to recon for red/blue teams. I never started with raw internet guesses, I always used a seed. Shodan, or other scan results.
confusedpuppy@lemmy.dbzer0.com 2 weeks ago
Thanks for the insight. It’s useful to know what tools are out there and what they can do. I was only aware of
nmapbefore which I use to make sure the only ports open are the ports I want open.My web facing device only serves static sites and a file server with non identifiable data I feel indifferent about being on the internet. No databases or stress if it gets targeted or goes down.
Even then, I still like to know how things work. Technology today is built on so many layers of abstraction, it all feels like an infinite rabbit hole now. It’s hard to look at any piece of technology as secure these days.