Researchers have developed a method that allows them to scan the entire Internet in less than an hour. The method is an open-source network scanner called ZMap, and researchers from the University of Michigan created it as a method to expose vulnerabilities in networks, develop appropriate defensive mechanisms, and conduct more efficient research.

As the video above explains, ZMap surveys every IP address on the Internet, a process that usually can take months. ZMap manages to accomplish this task in about 45 minutes, all from a single machine, while approaching incredible speed.

In order to understand how ZMap works, it's helpful to understand Nmap, the method currently used for network scanning. Nmap sends individual signals out to each IP address and waits for a reply while aggregating a list of those contacted. As you can probably imagine, this can take a very long time.

Furthermore, as The Washington Post explains, "keeping records for each outstanding request still creates a lot of overhead, which slows down the scanning process."

ZMap also sends out requests to IP addresses, but it encodes the outgoing request with identifying information, so when it does come back to ZMap, the machine can decode the responses. It also doesn't keep a list of outstanding requests. The Washington Post explains that "the lower overhead of this approach allows ZMap to send out packets more than 1,000 times faster than Nmap."

The researchers used ZMap to get a bigger picture of how Hurricane Sandy affected people on the East Coast. When a hurricane strikes, computers in the area are knocked offline, which can give a good understanding of the number of people affected. ZMap quickly scanned the area to provide real-time data.

In response to concerns about Internet privacy, ZMap's creators explain: “It should go without saying that scan practitioners should refrain from exploiting vulnerabilities or accessing protected resources, and should comply with any special legal requirements in their jurisdictions.”

Do you think ZMap is a valuable system for ethical Internet research? Or do you think it could easily be misused? Let us know in the comments, below.

Image: David Davies