Zmap Fast Network Scan
Check open ports across a wide range of IP addresses with this blazing fast port scanner. Makes use of Zmap, an open source port scanner designed to scan the entire Internet quickly.
With our hosted service you are able to sweep the external IP space of your Enterprise networks. Scanning Infrastructure that is optimized, cost-effective and time saving.
Understand your external network attack surface
About the Zmap Network Scan
Zmap was built to scan the Internet. Developed by a team at the University of Michigan, it has been used by researchers from Rapid7, Scans.io and Censys.io to gather data on the state of Internet Security from an open service perspective. Another related Internet scan project but unrelated to the Zmap tool is the well known shodan.io.
By providing hosted access to this tool we are enabling large IP space owners such as Universities, Large Enterprises and Government Agencies to simply gather intelligence on the perimeter of the organisation. Many successful attacks are the result of poor asset management, where the number and nature of listening services in a large organisation is unknown. If you do not know what is listening how can you hope to secure the organisation.
These days, complaining about being scanned is about as useful as griping that the top of your home is viewable via Google Earth. Trying to put devices on the Internet and then hoping that someone or something won’t find them is one of the most futile exercises in security-by-obscurity.
Brian Krebs (krebsonsecurity.com)
Launch a Fast Zmap Scan in 3 Simple Steps
1. Fill out the form, enter ranges of IP addresses to test
You must enter a public IP address range, as a single target or list of targets. Individual IP addresses and hostnames can also be entered. This particular scan type excels at wide ranging scans across large net blocks.
2. Select the TCP Ports to Test
The port options include scanning 12 of the most common TCP services, the top 100 ports (as commonly used in Nmap Scans) or a custom selection of ports. Enter the custom ports as a comma seperated list of ports (max 100).
To scan all ports you will need to use the Nmap port scanner. Many customers are using the Zmap tool to discover "live" hosts with the smaller number of ports and then doing more comprehensive Nmap scans with service identification to gather additional information on the system.
Note that there is currently no UDP available in our hosted version of this tool. We are still testing the UDP scan module that comes with the tool. Once again the Nmap port scanner can be used for UDP service scans.
3. Review the Output
Options for the output include combining the results into a single report or having the list of targets broken up into individual scans.
The output from the scan includes two text files. The first is a list of all hosts where listening ports were discovered. This is specifically designed to be copied directly into the Nmap Port Scanner form.
The second text file is the Zmap-ports-xxxxxxxx.txt, this includes a summary of all hosts with open ports listed as shown here.
192.168.1.1,80//443 10.0.0.5,22//445//3389 10.0.0.8,25//445//3389
Results are available for download through the dashboard or as an attachment to the email you will receive once the scan is completed.
Scan Rate (how fast is it?)
Since our clients are scanning a wide range of targets, we limit the Zmap scanner to 10 thousand packets per second. This is a balance between having the advantage of a very fast port scanner, while minimising the possibility that the scan will saturate Internet connections and cause a denial of service against the affected system or network!
With a scan rate of 10 thousand packets per second we can still find open ports across a class B network very fast. In fact to scan 1 port across the 65535 hosts in a /16 we will be finished in about 8 seconds. Top 100 ports across the same /16 and we are looking at around 10 minutes.
About the Zmap Project
The open source Zmap project has a number of powerful tools (not only zmap) capabable of gathering network intelligence across the entire Internet. The project site is the best place to learn about this cutting edge project and download the software.