Rapid7 Launches Crowdsourced Security Research Project

wiredmikey writes "Vulnerability management software company Rapid7 has launched an ambitious community project to scan the public Internet, organize the results and share the data with the IT security industry. The brainchild of Metasploit creator HD Moore, the overall goal of Project Sonar is to crowdsource the discovery and reporting of security vulnerabilities of affected software and hardware vendors. 'If we try to parse the data sets ourselves, even with a team of 30 people, it would take multiple years just to figure out the vulnerabilities in the data set. It's ridiculous, really,' Moore said in an interview with SecurityWeek. To start, Rapid7 has released about 3 terabytes of raw data generated from scans across public Internet-facing systems. The data sets relate to IPv4 TCP banners & UDP probe replies, IPv4 Reverse DNS PTR records and IPv4 SSL Certificates. Moore's team also listed a set of tools used to generate the data sets. They include ZMap, an Internet-scale scanner developed at he University of Michigan; UDPBlast, a stand-alone UDP scanning utility; and MASSCAN, an Errata Security tool that claims to scan the entire IPv4 internet in three seconds."