Around 10 million systems globally have their databases at risk, and countless nodes leave telnet, printer, and other ports open, according to new information from Rapid7’s Project Sonar.
The huge port-scanning venture also discovered that the countries with the largest gross domestic product (GDP) also leave the most ports open with easily intercepted, unencrypted communications: the US, China, France, and Russia are at the top of that list, according to Rapid7’s report.
The report includes many of their key findings and astounding statistics.
“Millions of systems on the internet offer services that should not be exposed to the public network. Our survey uncovered 15 million nodes appearing to offer telnet, 11.2 million appearing to offer direct access to relational databases, and 4.5 million apparent printer services.”
“I’m always surprised how many services there are on the Net that have no business being there,” stated Rapid7’s senior security research manager, Tod Beardsley, who led Project Sonar. “Today when you have 40% of humans on the Internet and you’re exposing direct access to databases, that seems like such a bad idea.”
The report is only the first step of an in-depth worldwide effort for Project Sonar, he says. There are 42 million public IP nodes in addition to 592 million private or reserved IP addresses that Project Sonar wasn’t permitted to test due to the IPs’ “do not scan” requests, but Rapid7 estimates that in total it scanned 146 million individual IPv4 addresses, which makes up approximately 20 to 40% of the address space.