Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The article's title is misleading. It speaks about the web mostly, not the internet (wich you can't scan in an hour btw).


You can. You can send an IP packed to every host in the internet and hopefully recieve a reply. That us the internet scanning.


I think he meant scanning all ports, UDP+TCP+ICMP etc etc


That's meaningless. That's like claiming you didn't really visit a country until you looked under every trash can.


There is a sweet spot between looking in every trash can and visiting only one of the biggest cities :)


I'm not sure there is. I'm not sure one can be truly sure he scanned the Internet before impersonating every host. Can't know anything before trying out the inside of every skin.

After all, what would you know, as a traveller, about simple lives of local people?


I've spent one hour of my life in Germany, when I was 11 years old, in a transit lounge in Frankfurt. I have 'visited Germany', but not in any real sense.


Everybody have their own threshold. I only consider city visited after I spend a night there.


There's more to the internet than just port 80, so to declare that a scan encompassing only a single port on each host is a scan of "the entire internet" is somewhat mistaken.

The more correct title would be, "a scan of the entire World Wide Web."


Even that's not correct though. Port 80 is just the default port. Not to mention the number of web servers only doing HTTPS on port 443 and not 80.

More correct would be "A scan of world wide web servers running on the default port 80"


https://zmap.io/paper.pdf From page 14, Section 8, titled, "Conclusion"

"We experimentally showed that ZMap is capable of scanning the public IPv4 address space on a single port in under 45 minutes, at 97% of the theoretical maximum speed for gigabit Ethernet and with an estimated 98% coverage of publicly available hosts."


I doubt they used the same port in every scan.


https://news.ycombinator.com/item?id=6234877

Why be in doubt when the research is published?


"Single port number" doesn't mean "same port number every time".


So what does "scanning the public IPv4 address space on a single port in under 45 minutes" really mean then?

Did you even read the documents?


They visit one port in the whole internet. This doesn't prevent them from visiting another port of the whole internet next time.

This makes "they visited the whole internet" true, "they aren't limited to web only" also true.


I realise that my comment was not so clear, sorry about that. Yes, to me scanning the whole internet means at least the full port range in TCP (and why not UDP too).

My 'rant' is really about the article sensational title promising to let you know about the result of scanning the entire internet really fast... wich turns out to be about scanning web services. The data is however interessting.


In other words,

  ((16.8 + 16.8) * 1e6) * (2^15 + 2^14 - 1)) / (24 * 60 * 60)
or

  ((IANA + RIR address) * millions) * (registerable port range)) / (day-seconds)
or

  19 million scans / second




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: