It allows you to perform a lot of neat tricks, such as seeing what your organization's public footprint looks like, as well as your competitors'. You can use it to find interesting devices such as routers, webcams, printers, etc.
I performed the following searches to see just how many glaringly obvious vulnerable systems are exposed to the internet.
First search: "IIS/5.0". This search returns systems that are running Windows 2000 with an IIS web server. Windows 2000 and IIS 5.0 are, of course, no longer supported by Microsoft, and multiple vulnerabilities are publicly known.
So needless to say, I was quite disturbed when I found half a million exposed IIS/5.0 web servers.
IIS 5.0 on Windows 2000
I decided to try my luck and search for even older versions of IIS. And while the numbers weren't as severe as the IIS/5.0 numbers, the number of extremely vulnerable web servers out there is shocking.
IIS 4.0 on Windows NT 4.0
IIS 3.0 on Windows NT 4.0 SP2+
IIS 2.0 on Windows NT 4.0 with Service Pack less than 2.0
Well, maybe they are. In fact, there are almost 1,000 of them...
IIS 1.0 on Windows NT 3.51, Unsupported as of December 2001
Every one of these systems is a potential botnet drone just waiting for infection, if they haven't been compromised already.
If you're not concerned, you should be. These servers are your "neighbors" on the Internet. Once they are compromised, they can be used to attack your organization.
According to Netcraft, in May 2013 there were over 672 million web sites on the Internet. So while the number of unsupported Microsoft web servers is less than 1% of the Internet, these are still alarming numbers.
If these results are any indication of just how vulnerable the internet is, we've got a long way to go to properly secure it.
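To check your own organization's footprint for the same banners, the added example below (not code from the original post) parses HTTP response heads you have already collected from your own hosts and flags any `Server` header carrying one of the IIS versions listed above. The function names and sample responses are constructed for illustration, and matching on the `IIS/x.y` token mirrors the post's search term.

```python
import re

# IIS version -> OS pairing exactly as listed in the post's search captions.
IIS_TO_OS = {
    "5.0": "Windows 2000",
    "4.0": "Windows NT 4.0",
    "3.0": "Windows NT 4.0 SP2+",
    "2.0": "Windows NT 4.0 with Service Pack less than 2.0",
    "1.0": "Windows NT 3.51",
}
IIS_TOKEN = re.compile(r"(?:Microsoft-)?IIS/(\d+\.\d+)", re.IGNORECASE)

def server_header(raw: bytes):
    """Return the Server header value from a raw HTTP response head, or None."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")  # ignore the body
    for line in head.split("\r\n")[1:]:                    # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "server":       # header names are case-insensitive
            return value.strip()
    return None

def classify(raw: bytes):
    """Return (iis_version, os) for an unsupported IIS banner, else None."""
    banner = server_header(raw) or ""
    m = IIS_TOKEN.search(banner)
    if m and m.group(1) in IIS_TO_OS:
        return m.group(1), IIS_TO_OS[m.group(1)]
    return None

def audit(inventory: dict):
    """Map each host in our own inventory to its legacy-IIS finding, if any."""
    findings = {}
    for host, raw in inventory.items():
        hit = classify(raw)
        if hit:
            findings[host] = hit
    return findings

# Constructed sample responses (documentation addresses, not real hosts).
SAMPLE = {
    "192.0.2.10": b"HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/5.0\r\nContent-Length: 0\r\n\r\n",
    "192.0.2.11": b"HTTP/1.1 200 OK\r\nserver: Microsoft-IIS/8.5\r\n\r\n",
    "192.0.2.12": b"HTTP/1.0 200 OK\r\nSERVER:Microsoft-IIS/4.0\r\n\r\nIIS/5.0 in body",
    "192.0.2.13": b"HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\n\r\n",
}

if __name__ == "__main__":
    for host, (ver, os_name) in sorted(audit(SAMPLE).items()):
        print(f"{host}: IIS/{ver} ({os_name}) is unsupported")
```

A banner can be altered or removed by the server operator, so a clean result here narrows the list of hosts to inspect rather than proving a host is patched.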