Muninn Monitoring Changes in the Icelandic Internet Through Repeated Port Scanning

Total Page:16

File Type:pdf, Size:1020Kb

Muninn Monitoring Changes in the Icelandic Internet Through Repeated Port Scanning Muninn Monitoring Changes in the Icelandic Internet through Repeated Port Scanning Alex Már Gunnarsson Níels Ingi Jónasson Sindri Ingólfsson Thesis of 12 ECTS Bachelor of Science in Computer Science May 2019 Muninn Monitoring Changes in the Icelandic Internet through Repeated Port Scanning Alex Már Gunnarsson Níels Ingi Jónasson Sindri Ingólfsson Thesis of 12 ECTS credits submitted to the School of Computer Science at Reykjavík University in partial fulfillment of the requirements for the degree of Bachelor of Science in Computer Science May 2019 Supervisor: Gylfi Þór Guðmundsson Examiner: Marcel Kyas Advisors: Theódór R. Gíslason Hlynur Óskar Guðmundsson Acknowledgements We would like to give special thanks to these individuals and organizations. Syndis was very generous to accomidate us by providing us with an office space, lunches and caffeine as well as advice from experts in the field. CERT for showing great interest in the project and providing advice regarding ethical concerns. Opin Kerfi was nice enough to allow us to perform our scans when no other service provider was willing to host us. Hlynur Þór Óskarsson for taking time out of his busy schedule to provide us with guidance on a weekly basis. Theódór Ragnar Gíslason for encouragement and being there when we needed to consult his expertise. Gylfi Þór Guðmundsson for being constantly ready to help and molding our mass of stupid ideas into good ones. i [This page is intentionally left blank] ii Contents 1 Introduction 1 2 Background 2 2.1 Standards and Definitions . .2 2.2 Internet Census 2012 . .5 2.3 Shodan . .5 2.4 Application for Historical Service Assessment (AHSA) . .6 2.5 Heimdallur . .6 3 Analysis of the Icelandic Internet 6 3.1 Problematic Firewalls . .7 3.2 Scanning the full port range . .8 3.3 Banners versus CPEs . .9 3.4 Noteworthy banners . 11 3.5 Scan Delta . 11 4 Design and Implementation of Muninn 15 4.1 Design . 15 4.2 Implementation . 17 5 Evaluation and Results 20 5.1 Selective scanning with Muninn . 20 5.2 Targeted Scanning with Muninn . 25 6 Discussion 26 6.1 Ethics . 26 6.2 Computer Emergency Response Team (CERT) . 27 6.3 Limitations . 27 7 Future Work 27 7.1 Automated tracking of changes . 28 7.2 Deeper scan . 28 7.3 Distribution of the platforms . 28 7.4 CPE extraction . 28 7.5 Going beyond Iceland . 29 8 Conclusion 29 iii Abstract The world is becoming ever more connected. Home routers, webcameras, databases, TVs and even garden sprinklers are all examples of devices that are now connected to the Internet. In this connected landscape hackers constantly look for vulnerable devices. A single version upgrade can mean the difference between a safe and compromised machine. In this paper we analyse the data made available by the port scanner Heimdallur. We aim to answer our research question: Can we monitor changes of the Icelandic Internet in semi real time through repeated port scanning? We constructed a new port scanner Muninn which utilizes historical information to scan even faster than previously possible. Muninn has two main uses. Firstly Muninn can obtain an updated view of all responsive Icelandic Internet services in just a few hours. This allows us to monitor any changes happening on the Internet. Secondly Muninn can find and monitor any specific set of services very closely. This can be crucial following the discovery of a vulnerability. It enables us to track any abnormal activity and see exactly for how long the machines remained vulnerable before updating to a safe version. iv 1 Introduction The Internet is a contraction of the words "interconnected network" and it is in this connectivity that the Internet’s greatest strength and its greatest security risks lie. Be- cause of this any service on the Internet is by design open to everything else unless it is specifically closed or hidden. IoT analytics estimated that the number of connected devices in 2018 exceeded 17 Billion [13]. With so many open and connected devices any- one with the mind for it can take a look or even interact with poorly configured services. This inevitably leads to many services being left unintentionally open, often with severe consequences. This was the case in 2012 when an anonymous researcher decided to scour the Internet for insecure devices. He managed to gain unauthorized access to around 420 thousand devices and turn them into a botnet under his control known as the Carna Botnet [2]. He then decided to use this botnet to scan the entire internet within an hour and later that year published his findings. Again four years later another person going by the name janit0r created a similar botnet [12]. However he had a more malicious intent, over the course of 13 months janit0r managed to destroy 10 million devices around the world mostly Internet access devices like modems, routers and gateways but also Hikvision and Dahua web cameras. The botnet was aptly named BrickerBot and caused a lot of commotion [21]. Considering all of this, it is no surprise that scanning tools which find and identify running services have become standard for security experts and hackers alike. Many tools which facilitate this like Nmap [14] have been around for more than 20 years. Today it is easier than ever to search the Internet for connected devices. In fact services like Shodan scan the Internet and then allow their users to search through the accumulated data [25]. In late November 2018 a person going by the name Hacker Giraffe used Shodan to find printers open to the Internet and with just a few lines of code 50,000 printers started printing a custom made message [1]. In an interview Hacker Giraffe said "I’m usually lurking around Shodan... I’m usually just searching around looking for something to mess with. I was really looking for some protocol that should not be opened to the Internet" [22]. This interview does not only reflect how easy it is for anyone to find vulnerable connected devices but also how dangerous and simple to abuse such information can be. It is clear that keeping a close eye on the status and responses of connected devices is crucial for computer security today. Plenty of research has been done on the state and security of the Internet but this research might not apply to the Internet of a small community like Iceland. There is a lack of research on Internet security in Iceland specifically and our project will aim to fill that gap. What most scanners today have in common is that they only provide a single snap- shot of the Internet. However the Internet is ever changing and such a snapshot lacks context of change and direction. The sudden appearance of multiple routers or webcams responding to a scan might indicate possibly vulnerable consumer devices. Additionally by monitoring changes one might be able to glimpse how fast patches rollout following 1 their release. Knowing this can be crucial in case said patches resolve a critical security vulnerability. This information can for example be used to estimate the probability of a security breach by determining how long services remain vulnerable and if some other services were hacked during that time. Everyone seems to agree that the internet is ever changing and growing yet there is barely any research on how the services on the internet change as time progresses. Our aim is to monitor changes in the internet in as close to real time as possible so that we can see how the Internet changes and evolves. Inspired by Norse mythology we have named our infrastructure Muninn, after one of the Odin’s two ravens. The 48th verse of the ancient nordic poem Gylfaginning describes the ravens as follows: Huginn ok Muninn fljúga hverjan dag jörmungrund yfir; óumk ek Hugin, at hann aftr né komi, þó sjáumk ek meir of Munin. [26] Huginn and Muninn are said to fly over the world and return with news to Odin each and every morning. They ensured Odin always knew what was happening in the world of men. This accurately reflects the design of our scanner Muninn which scans the Icelandic internet and observes changes happening every day. Additionally the scanner should be able to find and monitor specific services, ports or IPs more closely if deemed important or interesting. As we mentioned before, one can do bad things to vulnerable services. As important as this kind of research is, it is equally important to be ethical and to be careful when gathering the information. For this reason we have included a special section on ethics in this report. 2 Background Services such as Shodan constantly scan the Internet yet there are not many researches which have gleaned into the idea of monitoring the Internet from a security perspective. Actively watching for vulnerable services and monitoring their updates is not common, however there is some similar work in this field which relates to ours. In this section we will define all the background material that we build our contribution on, starting by defining some standards and definitions. 2.1 Standards and Definitions In this section we present key concepts that are needed to understand the research that Muninn is built upon. 2 2.1.1 IP Addresses, ports and CIDR An IP address is used to identify servers that host the various internet services. However due to Network Address Translation (NAT), we can not be sure whether there is a single host or multiple devices behind a single IP address. That is why we will mostly refer to IP addresses, however this should be thought of as interchangeable with hosts or networks.
Recommended publications
  • Safer Internet in Iceland
    SAFER INTERNET IN ICELAND TABLE OF CONTENTS Safer Internet Programme 04 INSAFE 04 INHOPE 05 Safer Internet Programme in Iceland 05 Project Management 06 Program Implementation 06 Websites 07 Saft survey 2013 07 Parental agreements 07 Home and school annual journal 2012 07 Safer Internet Day 2013 08 Best children’s online content 08 The web we want 08 Play and learn: being online! 09 Consultations of the Youth Panel 09 Meetings with parents, teachers, peer-to-peer educators and students 09 Safer Internet forum 2012 10 TEDx 10 Fréttablaðið 10 Wait for yes! 11 Garbage Island and Homecoming 11 Signing of a contract 11 Helpline 12 Hotline 12 National Cooperation 13 Cooperation with the INSAFE network 14 Cooperation with the INHOPE network 14 Conclusion 14 Illustrations by Birgir Isar Guðbergsson, 12 years old. The project is co-funded by the European Union through the Safer Internet plus programme: http://ec.europa.eu/ information_society/activities/sip/index_en.htm Save the Children á Íslandi SAFER INTERNET PROGRAMME Safer Internet Programme: Empowering of law enforcement bodies who exchange fighting illegal and harmful content on- and Protecting Children Online information and best practices related to line and actions promoting a safer online Young people and children are today criminal exploitation of the Internet in environment. amongst the biggest user groups of on- dissemination of child sexual abuse ma- line and mobile technologies in Europe. terial and a network of researchers who The Safer Internet programme has been The Safer Internet Programme aims at gather information about uses, risks and running since 1999. Three successive empowering and protecting children and consequences of online technologies for programmes have been adopted since young people online by awareness rais- children's lives.
    [Show full text]
  • Next Generation Web Scanning Presentation
    Next generation web scanning New Zealand: A case study First presented at KIWICON III 2009 By Andrew Horton aka urbanadventurer NZ Web Recon Goal: To scan all of New Zealand's web-space to see what's there. Requirements: – Targets – Scanning – Analysis Sounds easy, right? urbanadventurer (Andrew Horton) www.morningstarsecurity.com Targets urbanadventurer (Andrew Horton) www.morningstarsecurity.com Targets What does 'NZ web-space' mean? It could mean: •Geographically within NZ regardless of the TLD •The .nz TLD hosted anywhere •All of the above For this scan it means, IPs geographically within NZ urbanadventurer (Andrew Horton) www.morningstarsecurity.com Finding Targets We need creative methods to find targets urbanadventurer (Andrew Horton) www.morningstarsecurity.com DNS Zone Transfer urbanadventurer (Andrew Horton) www.morningstarsecurity.com Find IP addresses on IRC and by resolving lots of NZ websites 58.*.*.* 60.*.*.* 65.*.*.* 91.*.*.* 110.*.*.* 111.*.*.* 113.*.*.* 114.*.*.* 115.*.*.* 116.*.*.* 117.*.*.* 118.*.*.* 119.*.*.* 120.*.*.* 121.*.*.* 122.*.*.* 123.*.*.* 124.*.*.* 125.*.*.* 130.*.*.* 131.*.*.* 132.*.*.* 138.*.*.* 139.*.*.* 143.*.*.* 144.*.*.* 146.*.*.* 150.*.*.* 153.*.*.* 156.*.*.* 161.*.*.* 162.*.*.* 163.*.*.* 165.*.*.* 166.*.*.* 167.*.*.* 192.*.*.* 198.*.*.* 202.*.*.* 203.*.*.* 210.*.*.* 218.*.*.* 219.*.*.* 222.*.*.* 729,580,500 IPs. More than we want to try. urbanadventurer (Andrew Horton) www.morningstarsecurity.com IP address blocks in the IANA IPv4 Address Space Registry Prefix Designation Date Whois Status [1] -----
    [Show full text]
  • Gylfaginning Codex Regius, F
    Snorri Sturluson Edda Prologue and Gylfaginning Codex Regius, f. 7v (reduced) (see pp. 26/34–28/1) Snorri Sturluson Edda Prologue and Gylfaginning Edited by ANTHONY FAULKES SECOND EDITION VIKING SOCIETY FOR NORTHERN RESEARCH UNIVERSITY COLLEGE LONDON 2005 © Anthony Faulkes 1982/2005 Second Edition 2005 First published by Oxford University Press in 1982 Reissued by Viking Society for Northern Research 1988, 2000 Reprinted 2011 ISBN 978 0 903521 64 2 Printed by Short Run Press Limited, Exeter Contents Codex Regius, fol. 7v ..........................................................Frontispiece Abbreviated references ....................................................................... vii Introduction ..........................................................................................xi Synopsis ..........................................................................................xi The author ..................................................................................... xii The title ....................................................................................... xvii The contents of Snorri’s Edda ................................................... xviii Models and sources ........................................................................ xx Manuscripts .............................................................................. xxviii Bibliography ...............................................................................xxxi Text .......................................................................................................
    [Show full text]
  • Who Is Knocking on the Telnet Port: a Large-Scale Empirical Study of Network Scanning
    Session 15: Network Security 2 ASIACCS’18, June 4–8, 2018, Incheon, Republic of Korea Who is Knocking on the Telnet Port: A Large-Scale Empirical Study of Network Scanning Hwanjo Heo Seungwon Shin KAIST KAIST ETRI [email protected] [email protected] ABSTRACT this information (i.e., who serves what) is absolutely imperative for Network scanning is the primary procedure preceding many net- attackers. Hence, attackers aggressively gather this information by work attacks. Until recently, network scanning has been widely directly searching target hosts or even employing already deployed studied to report a continued growth in volume and Internet-wide malware (e.g., botnet) for efficiency. trends including the underpinning of distributed scannings by lin- As such, since this network scanning is an indispensable process gering Internet worms. It is, nevertheless, imperative to keep us for cyber attacks, attention should still be paid to it, even though informed with the current state of network scanning, for factual it has been studied, investigated, and monitored for a long time. and comprehensive understanding of the security threats we are Indeed, researchers and practitioners have already deeply surveyed, facing, and new trends to serve as the presage of imminent threats. analyzed, and measured this behavior [3, 8, 26, 34, 35]. However, it In this paper, we analyze the up-to-date connection-level log should be kept in mind that the characteristics of network scanning data of a large-scale campus network to study the recent scanning (e.g., main target services and scan origins) are quite sensitive to the trends in breadth.
    [Show full text]
  • Prose Edda Part 2: Pp. 35- 70 XVIII. Then Said Gangleri
    Prose Edda Part 2: pp. 35- 70 XVIII. Then said Gangleri: "Whence comes the wind? It is strong, so that it stirs great seas, and it swells fire; but, strong as it is, none may see it, for it is wonderfully shapen." Then said Hárr: "That I am well able to tell thee. At the northward end of heaven sits the giant called Hræsvelgr: he has the plumes of an eagle, and when he stretches his wings for flight, then the wind rises from under his wings, as is here said: Hræsvelgr hight he | who sits at heaven's ending, Giant in eagle's coat; From his wings, they say, | the wind cometh All men-folk over." XIX. Then said Gangleri: "Why is there so much difference, that summer should be hot, but winter cold?" Hárr answered: "A wise man would not ask thus, seeing that all are able to tell this; but if thou alone art become-so slight of understanding as not to have heard it, then I will yet permit that thou shouldst rather ask foolishly once, than that thou shouldst be kept longer in ignorance of a thing which it is proper to know. He is called Svásudr[Delightful.] who is father of Summer; and he is of pleasant nature, so that from his name whatsoever is pleasant is {p. 33} But the father of Winter is variously called Vindljóni[Wind-bringer] or Vindsvalr;[ Wind-chill] he is the son of Vásadr;[3] and these were kinsmen grim and chilly-breasted, and Winter has their temper." XX.
    [Show full text]
  • Pipenightdreams Osgcal-Doc Mumudvb Mpg123-Alsa Tbb
    pipenightdreams osgcal-doc mumudvb mpg123-alsa tbb-examples libgammu4-dbg gcc-4.1-doc snort-rules-default davical cutmp3 libevolution5.0-cil aspell-am python-gobject-doc openoffice.org-l10n-mn libc6-xen xserver-xorg trophy-data t38modem pioneers-console libnb-platform10-java libgtkglext1-ruby libboost-wave1.39-dev drgenius bfbtester libchromexvmcpro1 isdnutils-xtools ubuntuone-client openoffice.org2-math openoffice.org-l10n-lt lsb-cxx-ia32 kdeartwork-emoticons-kde4 wmpuzzle trafshow python-plplot lx-gdb link-monitor-applet libscm-dev liblog-agent-logger-perl libccrtp-doc libclass-throwable-perl kde-i18n-csb jack-jconv hamradio-menus coinor-libvol-doc msx-emulator bitbake nabi language-pack-gnome-zh libpaperg popularity-contest xracer-tools xfont-nexus opendrim-lmp-baseserver libvorbisfile-ruby liblinebreak-doc libgfcui-2.0-0c2a-dbg libblacs-mpi-dev dict-freedict-spa-eng blender-ogrexml aspell-da x11-apps openoffice.org-l10n-lv openoffice.org-l10n-nl pnmtopng libodbcinstq1 libhsqldb-java-doc libmono-addins-gui0.2-cil sg3-utils linux-backports-modules-alsa-2.6.31-19-generic yorick-yeti-gsl python-pymssql plasma-widget-cpuload mcpp gpsim-lcd cl-csv libhtml-clean-perl asterisk-dbg apt-dater-dbg libgnome-mag1-dev language-pack-gnome-yo python-crypto svn-autoreleasedeb sugar-terminal-activity mii-diag maria-doc libplexus-component-api-java-doc libhugs-hgl-bundled libchipcard-libgwenhywfar47-plugins libghc6-random-dev freefem3d ezmlm cakephp-scripts aspell-ar ara-byte not+sparc openoffice.org-l10n-nn linux-backports-modules-karmic-generic-pae
    [Show full text]
  • Comparison of Web Server Software from Wikipedia, the Free Encyclopedia
    Create account Log in Article Talk Read Edit ViewM ohrisetory Search Comparison of web server software From Wikipedia, the free encyclopedia Main page This article is a comparison of web server software. Contents Featured content Contents [hide] Current events 1 Overview Random article 2 Features Donate to Wikipedia 3 Operating system support Wikimedia Shop 4 See also Interaction 5 References Help 6 External links About Wikipedia Community portal Recent changes Overview [edit] Contact page Tools Server Developed by Software license Last stable version Latest release date What links here AOLserver NaviSoft Mozilla 4.5.2 2012-09-19 Related changes Apache HTTP Server Apache Software Foundation Apache 2.4.10 2014-07-21 Upload file Special pages Apache Tomcat Apache Software Foundation Apache 7.0.53 2014-03-30 Permanent link Boa Paul Phillips GPL 0.94.13 2002-07-30 Page information Caudium The Caudium Group GPL 1.4.18 2012-02-24 Wikidata item Cite this page Cherokee HTTP Server Álvaro López Ortega GPL 1.2.103 2013-04-21 Hiawatha HTTP Server Hugo Leisink GPLv2 9.6 2014-06-01 Print/export Create a book HFS Rejetto GPL 2.2f 2009-02-17 Download as PDF IBM HTTP Server IBM Non-free proprietary 8.5.5 2013-06-14 Printable version Internet Information Services Microsoft Non-free proprietary 8.5 2013-09-09 Languages Jetty Eclipse Foundation Apache 9.1.4 2014-04-01 Čeština Jexus Bing Liu Non-free proprietary 5.5.2 2014-04-27 Galego Nederlands lighttpd Jan Kneschke (Incremental) BSD variant 1.4.35 2014-03-12 Português LiteSpeed Web Server LiteSpeed Technologies Non-free proprietary 4.2.3 2013-05-22 Русский Mongoose Cesanta Software GPLv2 / commercial 5.5 2014-10-28 中文 Edit links Monkey HTTP Server Monkey Software LGPLv2 1.5.1 2014-06-10 NaviServer Various Mozilla 1.1 4.99.6 2014-06-29 NCSA HTTPd Robert McCool Non-free proprietary 1.5.2a 1996 Nginx NGINX, Inc.
    [Show full text]
  • The Unseen Reality Understanding Allegory and Symbolic Language of Myths and Ancient Poems - on Heathenry‘S Abyss
    Sjálfur leið þú sjálfan þig - thou thyself lead thyself. Óðsmál - The Unseen Reality Understanding Allegory and Symbolic Language of Myths and Ancient Poems - On Heathenry‘s Abyss May 13th 2013 - ISBN 978 9935 409 84 3 available on Amazon - by Guðrún Kristín Magnúsdóttir, Göia goði and mmedia.is/odsmal/odsmal An illustrated dictionary for the badly illiterate on Norse and Germanic myths and poems. Science of Consciousness -Now, what would that be? Science of Consciousness? -Revived by Maharishi Mahesh Yogi, known as Maharishi Vedic Science, is purified Vedic Science from Vedic Golden Age -- and also modern science (as far as it has yet come today). Maharishi also inspires research on ancient knowledge of our reverent forefathers, as he knows pure spiritualiy to be found in the great ancient traditions. That is why I am doing this. I met Maharishiji first in 1962. He was teaching the whole world TM. He was heightening the world consciousness, welcoming sat-yuga to us. Maharishi, being an enlightened man, and a physicist, and the greatest sage of our age, explains all in a way that every man can understand. Every man where-ever he may be on his evolutionary path, can understand, because this is about ourselves - that Unseen Reality. Our myths and poems have layers of understanding, contain allegory, symbolic language, and some funny metaphors. Understanding depends upon the purity of the thinking man. Everyone can learn the easy delightful short-cut technique to enlightenment. Our highly evolved human nervous system, Sleipnir, is all we need. (Sleipnir human nervous system my theory) SLEIPNIR -WHY SPEND TIME ON SCIENCE OF CONSCIOUSNESS? -Someone has to tell us why we should start understanding, and what there is to be understood.
    [Show full text]
  • German Cities Exposed a Shodan-Based Security Study on Exposed Cyber Assets in Germany
    German Cities Exposed A Shodan-based Security Study on Exposed Cyber Assets in Germany Natasha Hellberg and Rainer Vosseler Trend Micro Forward-Looking Threat Research (FTR) Team A TrendLabs Research Paper Contents TREND MICRO LEGAL DISCLAIMER The information provided herein is for general information and educational purposes only. It is not intended and 4 should not be construed to constitute legal advice. The information contained herein may not be applicable to all situations and may not reflect the most current situation. Exposed Cyber Assets Nothing contained herein should be relied on or acted upon without the benefit of legal advice based on the particular facts and circumstances presented and nothing herein should be construed otherwise. Trend Micro 5 reserves the right to modify the contents of this document at any time without prior notice. Translations of any material into other languages are Exposed Cities: intended solely as a convenience. Translation accuracy is not guaranteed nor implied. If any questions arise Germany related to the accuracy of a translation, please refer to the original language official version of the document. Any discrepancies or differences created in the translation are not binding and have no legal effect for compliance or 12 enforcement purposes. Although Trend Micro uses reasonable efforts to include accurate and up-to-date information herein, Trend Micro Exposed Cyber Assets makes no warranties or representations of any kind as to its accuracy, currency, or completeness. You agree in Germany that access to and use of and reliance on this document and the content thereof is at your own risk.
    [Show full text]
  • Svinnur Vín Valföðurs Gungnir Glaðheimar
    Goþrún dimmblá skráir mál litlu kjaftforu völvu Óðsmál in fornu ISBN 978-9935-409-40-9 14. ISBN 978-9935-409-13-3 svinnur vín valföðurs Gungnir Glaðheimar Göia goði, Óðsmál, http://www.mmedia.is/odsmal [email protected]; [email protected] Norræn menning ***************************************** +354 694 1264; +354 552 8080 svinnur (vitund) vín Valföðurs (lífs flæði) val þýðir fara, nálgast, flýta, og einnig að snúa aftur heim 1 Gungnir (bylgjur) Glaðheimar (gleikkun manns vitundar) -Heill, Óðinn, sem æ við vín eitt unir. -Heil, völva. Heill sé þér. Veit ek hví þú ávarpar mig. Yppir Óðinn svipum fyr Sigtíva sonum. Sækist þú eftir aufúsuþekkingu frá mér. (aufusa gleði fagnaðarefni) Muntu vilja bergja á kálki hjá mér í hverjum er hunangsmjöðurinn. Tilgangur lífsins er hamingja, Glaðheimar, gleikkun hamingju (17.) og sælu Sólar (17.). Þar nema menn frævast og fróðir vera og vaxa og vel hafast. Orðs sér af orði orðs leita, verk sér af verki verks leita. Sjá munu devata, tíva, í orðum vedanna, og flæðið úr gapinu milli orðanna. Allt verður til úr gapinu milli orðanna. Mismunadi devata, tívar, breyta orðum vedanna í gapinu milli þeirra. Í gapinu milli atkvæðanna. Þetta hið óskapaða svið er ævarandi heimur, gapið mikla sem ætíð er og ætíð verður. Ginnungagap er dýpið. Hefur yfirborðsöldur, en öldur eru í raun hafið. Ginnungagap er einnig þekkt sem Mímir (13.; frb.ísmriti) . Tengslum milli dýpisins og yfirborðsaldanna er viðhaldið af devata, tívum, höftum og böndum. Það eru þau in glæstu tívasjöt. Ginnungagap er kyrrð dýpisins, segir Mímir alminnugr. Ginnungagap hefur yfirborðsöldur sem við sjáum sem alheiminn. 2 Öldur á hafi eru í raun hafið.
    [Show full text]
  • The Nordic Gods
    The Nordic Gods The Nordic gods were worshipped by the Vikings in the era 900AD - 1100AD. Belief in the gods existed before this time, but it was not organized and the myth would differ from region to region. The gods were called the Asa Gods, or the anglified Aesir. There were also nature gods called the Vana Gods or Vanir. The religion was called asatro, in English Asatru, which means Asa Faith. In time a rich mythology with many gods and tales would emerge, although it can be seen in some cases that various gods were strangely similar to each other in either names or functions; this is a result of the effort to merge disparate beliefs into one mythology. For example, Oden and his wife Frigg appear much the same as Freya and her husband Od, and the sea gods Ägir and Njord have very much the same function. Other times the same deity has several names; Måne and Natt is one example. The strength of the mythology in daily life would vary. It is clear that Nordic mythology was the lense through which the world was explained, but it was never a fervent belief; like other polytheistic faiths it was relaxed and the result of spontaneous growth, not an organized effort. In times and places of great wealth the mythology would take richer forms, such as the great temple in Upsala, which was a center of worship for travellers from many regions. In this temple there were priests who would lead the worship, and there would sometimes be priests in larger villages, usually old men from wealthy families who could no longer work the fields.
    [Show full text]
  • An Intelligent Improvement of Internet-Wide Scan Engine for Fast Discovery of Vulnerable Iot Devices
    S S symmetry Article An Intelligent Improvement of Internet-Wide Scan Engine for Fast Discovery of Vulnerable IoT Devices Hwankuk Kim ID , Taeun Kim and Daeil Jang * Korea Internet & Security Agency, 9, Jinheung-gil, Naju-si, Jeollanam-do 58324, Korea; [email protected] (H.K.); [email protected] (T.K.) * Correspondence: [email protected]; Tel.: +82-61-820-1274 Received: 31 March 2018; Accepted: 7 May 2018; Published: 10 May 2018 Abstract: Since 2016, Mirai and Persirai malware have infected hundreds of thousands of Internet of Things (IoT) devices and created a massive IoT botnet, which caused distributed denial of service (DDoS) attacks. IoT malware targets vulnerable IoT devices, which are vulnerable to security risks. Techniques are needed to prevent IoT devices from being exploited by attackers. However, unlike high-performance PCs, IoT devices are lightweight, low-power, and low-cost, having performance limitations regarding processing and memory, which makes it difficult to install security and anti-malware programs. Recently, several studies have been attempted to quickly search for vulnerable internet-connected devices to solve this real issue. Issues yet to be studied still exist regarding these types of internet-wide scan technologies, such as filtering by security devices and a shortage of collected operating system (OS) information. This paper proposes an intelligent internet-wide scan model that improves IP state scanning with advanced internet protocol (IP) randomization, reactive protocol (port) scanning, and OS fingerprinting scanning, applying k* algorithm in order to find vulnerable IoT devices. Additionally, we describe the experiment’s results compared to the existing internet-wide scan technologies, such as ZMap and Shodan.
    [Show full text]