
Port Scan the Entire Internet in 5 Minutes?

One of my favorite subreddits is /r/coolgithubprojects. I check it out a few times a week looking for interesting open source projects. One interesting project I recently found is called MASSCAN, and it claims to be able to port scan the entire internet in 5 minutes. It works in a similar way to nmap. I thought I’d try it out and show you the results.

Install

Pretty simple Ubuntu install; I didn’t run into any issues and it compiled quickly. I simply followed the Ubuntu instructions in the README. I used one of my medium instances on EC2.

Run

Under these settings it should transmit 100,000 packets/second to the entire 10.x.x.x range, all 16 million addresses, and write a list of hosts responding on port 80 to results.txt.


Results

Starting masscan 1.0.3 (http://bit.ly/14GZzcT) at 2017-01-19 16:42:20 GMT
 -- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 16777216 hosts [1 port/host]
real	7m42.419s
user	0m6.103s
sys	0m10.358s

Output – results.txt

Masscan ran for exactly 7 minutes 42 seconds. At the end, the results.txt file was empty, so I’m not sure what I did wrong; it could be that packets at this rate are being blocked on the Amazon EC2 network. But there should have been 30-50 or so hosts with port 80 up in a mix of local and WAN hosts. Comment if you know what’s wrong. I’d love to see someone else’s results.
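An added example, not the author's code, that parses masscan's list-format output (assumed here to be the format results.txt was written in, i.e. `-oL`) and tells a file that was never written or was truncated apart from a scan that finished with no hits. The sample records are constructed.

```python
"""Parse masscan list-format (-oL) results and summarise open ports."""
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample in masscan's list format: one record per line,
# "<state> <proto> <port> <ip> <unix-timestamp>", wrapped in a
# "#masscan" header and a "# end" trailer.
SAMPLE_RESULTS = """#masscan
open tcp 80 10.0.1.12 1484844140
open tcp 80 10.0.1.13 1484844141
open tcp 80 10.3.200.7 1484844299
# end
"""

# What the post describes: a results.txt that was completely empty.
EMPTY_RESULTS = ""


def parse_masscan_list(text):
    """Return a list of (ip, proto, port, datetime) for every 'open' record.

    Raises ValueError if the file is empty or lacks the '# end' trailer,
    so a never-written or truncated file is not mistaken for "no hosts up".
    """
    lines = text.splitlines()
    if not lines:
        raise ValueError("results file is empty: the scan wrote no output at all")
    if not lines[-1].startswith("# end"):
        raise ValueError("results file is truncated: missing '# end' trailer")
    records = []
    for line in lines:
        if line.startswith("#"):
            continue  # header, trailer or comment line
        state, proto, port, ip, ts = line.split()
        if state != "open":
            continue
        when = datetime.fromtimestamp(int(ts), tz=timezone.utc)
        records.append((ip, proto, int(port), when))
    return records


def hosts_by_port(records):
    """Group responding hosts by (proto, port) -> sorted list of IPs."""
    groups = defaultdict(set)
    for ip, proto, port, _ in records:
        groups[(proto, port)].add(ip)
    return {key: sorted(ips) for key, ips in groups.items()}


if __name__ == "__main__":
    for key, ips in hosts_by_port(parse_masscan_list(SAMPLE_RESULTS)).items():
        print(key, len(ips), "hosts:", ", ".join(ips))
    try:
        parse_masscan_list(EMPTY_RESULTS)
    except ValueError as err:
        print("empty results.txt ->", err)
```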

Config File
