Security Monitor

2022

Mining Trojan Monitoring of CERNET

Published:

Abstract

Mining Trojan Monitoring of CERNET, by analyzing NetFlow data from CERNET network node, we managed to monitor the network traffic of mining trojans in CERNET, and build a visual monitoring system that can track the distribution of mining behaviors in CERNET. This system provides the geographical distribution of global mining pool addresses, the daily monitoring of mining traffic and the statistics of the mining behaviors of schools and institutions in CERNET. We will pay close attention and continue to update this page for a long time, and actively contribute to the maintenance of the network security of the education network.

2021

XMap: The Internet Scanner

Published:

Abstract

XMap is a fast network scanner designed for performing Internet-wide IPv6 & IPv4 network research scanning. XMap is reimplemented and improved thoroughly from ZMap and is fully compatible with ZMap, armed with the “5 minutes” probing speed and novel scanning techniques. XMap is capable of scanning the 32-bits address space in under 45 minutes. With a 10 gigE connection and PF_RING, XMap can scan the 32-bits address space in under 5 minutes. Moreover, leveraging the novel IPv6 scanning approach, XMap can discover the IPv6 Network Periphery fast. Furthermore, XMap can scan the network space randomly with any length and at any position, such as 2001:db8::/32-64 and 192.168.0.1/16-20. Besides, XMap can probe multiple ports simultaneously.