Censys for Internet of Insecure things?

It was few days ago I read about a new search engine called Censys. I went to its website to have a look for more details.

Censys is a search engine that allows computer scientists to ask questions about the devices and networks that compose the Internet. Driven by Internet-wide scanning, Censys lets researchers find specific hosts and create aggregate reports on how devices, websites, and certificates are configured and deployed.” states the description on the Censys official website.

I was confused whether it is good or bad. I have read about hacker's search engine "Shodan" before and it was to locate the devices that were carelessly plugged into the internet. Before making a judgement, I wanted more details. I went through different websites to collect more information.

Some websites pointed out that, Censys is a search engine for hackers who want to search for every single Internet connected devices. It can also identify the vulnerability in device and help us in locating vulnerable devices. So this is something that will help hackers?? Ehh..

I read another report. Security researchers from an Austrian security company found that many manufacturers of home routers and Internet of Things (IoT) devices have been keeping the IoT devices at risk by re-using the same set of hard-coded cryptographic keys. As a result of this mistake, around 3 millions of IoT devices are now open to mass hijacking. This number was confirmed with the help of Censys.

So is this something good??

As per the report, more than three million routers, modems, and other devices are vulnerable to being hijacked over the Internet. There were more than 4000 firmware’s embedded devices, devices that belong to 70 vendors. The categories of devices include Internet gateways, routers, modems, IP cameras, VoIP phones etc.

We all know what is Census, govt officials used to visit homes to collect the details of our family members and they record it in a systematic way and it will be used for official counting of people in our country. So Censys has some relation with Census as the main intent of this project is to have a complete database of everything on the internet.

As per Zakir Durumeric, the University of Michigan researcher who leads the Censys open-source project says “We’re trying to maintain a complete database of everything on the Internet,”Censys collects data on hosts and websites via scans of the IPv4 address space and maintains a database of how they are configured using two companion tools— ZMap and ZGrab.

Names sound interesting,  ZMap is a network scanner developed by Durumeric and his team, can analyze 4 Billion IP addresses and collect information on a daily basis, and ZGrab, as an application layer scanner. Durumeric add that ZMap can determine not only what machines are online at any given moment, but also whether they have security flaws that should be fixed before they get exploited. It can find not only obvious software bugs but also more subtle issues, such as those caused by an IT administrator failing to properly implement a cryptography standard.

Censys is an open source project; this means that anyone can contribute in improving this project and most importantly the world’s biggest search engine “Google” is providing its infrastructure to power Censys. The main objective of this project is to maintain “complete database of everything on the Internet”. As per industry experts, Searching on Censys for software or configuration details associated with a new security flaw can reveal how widespread it is, what devices suffer from it, who they are operated by, and even their approximate location. This can be useful and has already helped researchers from SEC Consult and Duo Security to discover new vulnerabilities in software’s, but we need to wait and see about the risks involved in this.

The research paper by Zakir Durumeric and his team can be found here

Authored by Aju Nair

Rate this article: 
Average: 1 (2 votes)
Article category: