Is Censys a Blessing for Finding Security Loopholes?
- February 26, 2016
Censys is a recently released search engine not like the conventional ones. Censys search engine keeps the track of all the devices that are connected to the internet. Censys, that is more like an open-source project, was launched by computer scientists from the University of Michigan.
Google is providing the infrastructure for running Censys and University of Illinois Champion Urbana’s scientists are assisting to run that.
Censys scans the IPv4 addresses and gathers the website and hosts information. The search engine uses the following to gather the required information:
- Network Scanner (ZMap)
- Application Layer Scanner (ZGrab)
Once the information is collected, Censys stores that in the database. The DB contains the data regarding how the hosts and websites are configured, that helps the investigators to acquire the data.
ZMap is a network scanner that scans IP addresses on the Internet and collects data. It can help in determining the machines on the web having security vulnerabilities that can be exploited by the hackers.
Censys performs full searches on protocol banners and queries a large number of derived fields. It finds out vulnerable devices and the networks, also it generates reports on specific patterns and trends. Censys returns the results very quickly i.e. in less than a second time Censys can reveal the flaws, vulnerable devices, their keepers and also the approx. location.
There is a case study where Dell apologized and acted immediately on the removal of eDellroot certificate from customer’s PCs after Duo discovered the breach. Censys IPv4 scanning exposed that eDellroot certificates were scattered over many IP addresses all over the globe. The finding was that Dell has distributed identical keys on different models. The hacker can easily use them to sign malevolent code as safe code and so on. By using Censys, Duo discovered that Kentucky water plant’s control system security was bypassed.
People behind Censys can agree that making it easier to find out flaws should make the internet more secure. John Matherly, CEO of Shodan, says that Censys has led to over 100,000 industrial control systems being accurately secured and also it has helped with the shutdown of a lot of malware servers used by hackers and criminals.