Demystifying Internet-Wide Service Discovery

This paper develops a high-performance, Internet-wide service discovery tool, which we call IRLscanner, whose main design objectives have been to maximize politeness at remote networks, allow scanning rates that achieve coverage of the Internet in minutes/hours (rather than weeks/months), and signif...

Full description

Saved in:
Bibliographic Details
Published inIEEE/ACM transactions on networking Vol. 21; no. 6; pp. 1760 - 1773
Main Authors Leonard, Derek, Loguinov, Dmitri
Format Journal Article
LanguageEnglish
Published IEEE 01.12.2013
Subjects
Bandwidth
Extrapolation
Horizontal scanning
Internet
Internet measurement
IP networks
Probes
Random access memory
Online AccessGet full text

Cover

More Information
Summary:This paper develops a high-performance, Internet-wide service discovery tool, which we call IRLscanner, whose main design objectives have been to maximize politeness at remote networks, allow scanning rates that achieve coverage of the Internet in minutes/hours (rather than weeks/months), and significantly reduce administrator complaints. Using IRLscanner and 24-h scans, we perform 21 Internet-wide experiments using six different protocols (i.e., DNS, HTTP, SMTP, EPMAP, ICMP, and UDP ECHO), demonstrate the usefulness of ACK scans in detecting live hosts behind stateless firewalls, and undertake the first Internet-wide OS fingerprinting. In addition, we analyze the feedback generated (e.g., complaints, IDS alarms) and suggest novel approaches for reducing the amount of blowback during similar studies, which should enable researchers to collect valuable experimental data in the future with significantly fewer hurdles.
ISSN:1063-6692
1558-2566
DOI:10.1109/TNET.2012.2231434