CPC H04L 63/1416 (2013.01) [H04L 63/0236 (2013.01); H04L 63/0245 (2013.01); H04L 63/0428 (2013.01); H04L 63/1433 (2013.01); H04L 63/20 (2013.01); H04L 63/205 (2013.01); H04L 69/169 (2013.01)] | 20 Claims |
1. A method comprising:
scanning the Internet for publicly accessible communication ports with probes having an initial payload, wherein scanning the Internet comprises scanning the Internet external to one or more networks corresponding to the publicly accessible communication ports;
for each response to the scanning,
determining whether the response indicates a network address active on a port and a service associated with the port;
based on determining that the response indicates a network address active on a port and a service associated with the port, determining a follow-up probe based on at least one of the network address active on the port, the port, the service associated with the port, and a protocol indicated by the response; and
executing the follow-up probe; and
updating a database based, at least in part, on the responses to the scanning with probes having the initial payload and responses to executing the follow-up probes.
|