Project Sonar
Revision as of 15:21, 12 November 2018 by JustAnotherArchivist (talk | contribs) (Created page with "{{Infobox project | title = Project Sonar | URL = {{URL|https://www.rapid7.com/research/project-sonar/|Description}}<br />{{URL|https://opendata.rapid7.com/|Datasets}} | proje...")
| Project Sonar | |
| URL | Description[IA•Wcite•.today•MemWeb] Datasets[IA•Wcite•.today•MemWeb] |
| Status | Online! |
| Archiving status | Not saved yet |
| Archiving type | Unknown |
| IRC channel | #archiveteam-bs (on hackint) |
Project Sonar by security company Rapid7 is a collection of internet-wide network scans with the aim of investigating vulnerabilities. The data is available for free, though many files (historical and most current ones) require an account.
Datasets
As of November 2018, the following data is available through Project Sonar:
| Dataset | Description | Scan frequency | Data range | Available without registration |
|---|---|---|---|---|
| Forward DNS (FDNS) | "DNS 'ANY', 'A', 'AAAA', 'TXT', 'MX', and 'CNAME' responses for known forward DNS names" | Weekly | Feb 2017 to present | Third most recent scan |
| Reverse DNS (RDNS) | "DNS IPv4 PTR responses" | Weekly | Feb 2017 to present | Third most recent scan |
| HTTP GET Responses | "Responses to HTTP/1.1 GET requests against various HTTP ports" | Bi-weekly | Oct 2013 to present | Second most recent scan |
| HTTPS GET Responses | "Responses to HTTP/1.1 GET requests against various HTTPS ports" | Bi-weekly | July 2017 to present | Second most recent scan |
| SSL Certificates | "X.509 certificate metadata observed when communicating with HTTPS endpoints" | Bi-weekly | Oct 2013 to present | Second most recent scan |
| More SSL Certificates (non-443) | "X.509 certificate metadata observed when communicating with miscellaneous non-HTTPS endpoints, such as IMAPS, POP3S, etc." | Bi-weekly | June 2014 to present | Second most recent scan |
| UDP Scans | "UDP scan results for common UDP services across all of IPv4" | Monthly | June 2014 to present | Second most recent scan |
| TCP Scans | "SYN scan results for common TCP services across all of IPv4" | Weekly | Mar 2017 to present | Second most recent scan |
| National Exposure Scans | "Open port results for Rapid7's National Exposure reports" | N/A | Apr 2016 to Apr 2018 | None |
| Rapid7 Heisenberg Cloud Honeypot cowrie Logs | "Rapid7 Heisenberg Cloud Honeypot cowrie Logs" | N/A | Nov 2016 | None |
| Forward DNS (FDNS) -- ANY 2014-2017 | "DNS 'ANY' responses for known forward DNS names from 2014-2017" | Weekly | Mar 2014 to Jan 2017 | None |
| Reverse DNS (RDNS) -- 2013-2017 | "DNS IPv4 PTR responses from 2013-2017" | Weekly | Sept 2013 to Feb 2017 | None |
| Critical.IO Service Fingerprints | "The Critical.IO project was designed to uncover large-scale vulnerabilities on the global IPv4 internet and scanned a number of ports across between May 2012 and March 2013." | Monthly | May 2012 to Mar 2013 | None |