Apr 29th 2015 - Now with SSL
If you're one of those people who only views the HTTPS version of websites, you're good to go now. Valid certificates and everything.
Feb 4th 2015 - New Host!
It's been a long time coming, but I've finally moved things over to a new host! It would basically be impossible for this host to be less stable than the last one, but hopefully it's actually pretty solid now.
For those who are curious, previously this website was hosted on ChicagoVPS for a cost of $4.33 per month (originally $3.33). You may think as I did, hey, how can you go wrong for $3/month? But as it turns out, hosting at ChicagoVPS is worth about $-10 a month. I've now doubled the budget, and things are hosted for $7 per month, obviously at a new provider! The moral of the story is that for the price of a cup of coffee per month, you too can do big data analysis!
Sometime before next decade I will have the service scan data online as well. I hear the internet census people are doing a new scan too, will be exciting to see what comes of that!
Oct 13th 2014 - Changing Hosts
Things are temp down while moving hosts. ChicagoVPS can die in a fire.
Maybe I'll add some updates when we're on the new host!
June 26th 2013 - Downtime
As of about a week ago, my server provider was compromised and the majority of their data, including my VPS was deleted. While I can't say that this is all that surprising, their handling of the situation has been completely terrible; it's not like they don't have enough experience with being in this situation. More on this later though!
Sometime in the not to distant future I will move everything over to a new host which should be able to accomodate the service scan data. Either way, restoring everything from my local backups should not take too long, but I have not had any free time over the past week. Check back soon, and everything should indeed be back online and running again. Sorry for the inconvenience!
June 13th 2013 - BIOS based rootkit research posted
Over on the research page I've posted a write-up of how to create a BIOS based rootkit, along with a PoC and source code. I originally completed this project several years ago, but it is still fairly relevant.
I've tried to structure the code and scripts so that they are easy to try out and modify, but there's also a sample patched BIOS that can be tried with most versions of VMware. Patching your motherboard's BIOS probably isn't for everyone, so it's nice that this can also be effectively tested in VMware.
In other news, the Internet Census service scan data is coming along, but it's a bit of a slow process. I hope to have an update regarding it sometime in the next week.
May 21th 2013 - Internet Census 2012 search update
The reverse DNS (rDNS) data is now available for searching as well. Currently only terms longer than 5 characters can be searched, and the number of results will be limited to a few thousand.
Fun queries that can be run now that hostname searching is available include:
- Looking up companies. Try
- Looking for data or systems that should not be public. Try
- Looking for systems that probably have poor security or otherwise should not be available. Try
- Looking control system equipment. Try
automation, etc (start by looking up interesting ports like 502 or 20000!)
- Looking up random services. Try
Upcoming updates (in order):
- rDNS exact matching, and support for subterms shorter than 5 characters
- Port scan data reliability rankings, to help filter out false positives
- Service/banner scan data
May 5th 2013 - Website online!
After much delay, this website is now online. The driving reason behind this website (initially) at least is to get the Internet Census 2012 data online in a searchable form. Over the next week I plan to post some updates with some of my past research, tools, etc, so please check back every so often! Going forwards I plan to host any new projects or research here as well.
I don't have any comment boxes or anything like that on this website, but I would love any feedback anyone has! Please send any thoughts, suggestions, or hate mail
to my email on the contact page (I don't recommend hate mail, will get you on "the list").