Cybersecurity Seminar
Title:
Large-Scale Port Scanning through Tor
using Parallel Nmap Scans
Speaker:
Rodney Rohrmann, Cyber Security
Staff, The MITRE Corporation
Date and Time:
Wednesday, November 11, 2017, 5:30 (pizza), 6:00-7:00 (seminar)
Location:
YR
459
Abstract
Performing port scans through Tor
is a way to hide the source’s IP address from the target. Researchers hoping to
source their own scans benefit from a means of scanning that helps them to
anonymize themselves from targets that may potentially retaliate as the result
of being scanned. Though effective in providing anonymization during scanning,
it is not scalable to the point of scanning the entire IPv4 Address space on
multiple ports, as scans take considerably longer to execute through Tor. This
presentation specifically explores using a third-party data source to target
specific areas of interest in the IPv4 range and then scanning those areas
anonymously with parallelized scanners as an effective way to anonymously
collect internet scan data.