Project Sonar : from #ScanAllTheThings to #GrepAllTheThings… here we go !

« Unity is strength ! » is with these words that I summarize initiative launched by the holders of this project.

There’s a few years, scan the Internet in its majority* was a challenge for which he had to bring adequate resources, not to mention special (bandwidth, storage space, equipment … ).
These days , with the development of tools, techniques, and lower infrastructure costs, the challenge is smaller. Indeed, the news of theses last months reveals that it is now possible to scan the entire Internet to IP version 4 (see ) on a specific communication port in less than an hour [1] or less. [2]
Over time several projects in this direction have emerged, among them in 2012 and we got the « Internet Census«  project whose the process of research is pretty debatable but whom gave results of great value to the Tech community (the valuable datasets nearly 9 terabytes of raw data !)


The Project Sonar aims to establish a repository of all the data from different scans done on the Internet by various researchers around the world , in order to make the results of their work benefits to all .In addition, the project does not stop there because it is possible for others researchers to avoid the tedious job of scanning and just focus only on exploitation of data from differents scans performed by others researchers. Thus, the project takes its essence !
Already now the data of scans done as part of this project and related projects are available on the online platform created for this purpose, a single address for all :

Apart from facilitating the task for researchers and to maximize the use of data provided by these datasets, I find that this approach avoids that at any time the public interfaces of everyone are scanned, with in some situations can cause latencies or denials of service.

Working for some time on a project about mapping objects and services connected and their vulnerabilities in the African’s countries, this project falls like a godsend for me considerably eases my job !

A big up to the Rapid7s Team and all project partners and affiliated researchers !

Note that far beyond the purely technical aspect , the initiative intended to update several vulnerabilities in our infrastructures and protect themselves as the most frequently involved are not aware of any vulnerability that they  « host » and even if they are aware , they are doing nothing.

More details on the Sonar project here : Welcome To Project Sonar
On methods and tools to use for scans and best practice recommendations , the following link is quite instructive : #ScanAllTheThings

For information, the following link provides a solution set on foot by a researcher in order to facilitate the use of datasets provided by products Sonar Project [3] Reversedns FunnelCloud

*Majority of scan because it does not include (yet) addresses in IPv6 , but no doubt it is only a matter of time. Furthermore, some organizations have made requests to the researchers to exclude their IP ranges from scans.

[1] ZMap

[2] Masscan

[3] Rapid7 – Reverse DNS

Valdes T. Nzalli