Port Scan the Entire Internet in 5 Minutes?

One of my favorite sub-reddits is /r/coolgithubprojects. I check it out a few times a week looking for interesting open source projects. One interesting project that I recently found is called MASSCAN and claims to be able to scan, as in port scan, the entire internet in 5 minutes. It works in a similar way to nmap. I thought I’d try it out and show you the results.


Pretty simple ubuntu install, didn’t run into any issues and it compiled quickly. I simply followed the instructions for ubuntu in the readme. I used one of my medium instances on ec2.


time ./masscan -p80 --max-rate 100000 --output-format list --output-filename results.txt

Under these settings, it should be transmitting 100,000 packets/second to the entire 10.x.x.x subnet, all 16 million addresses, and output a list of hosts with port 80 responding to results.txt



Starting masscan 1.0.3 ( at 2017-01-19 16:42:20 GMT
 -- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 16777216 hosts [1 port/host]
real	7m42.419s
user	0m6.103s
sys	0m10.358s

Output – results.txt

Masscan ran for exactly 7 minutes 42 seconds. At the end, the results.txt file was empty. So not sure what I did wrong, could be getting blocked at these packets per second on the amazon ec2 network. But there should have been 30-50 or so hosts with port 80 up in a mix of local and WAN hosts. Comment if you know what’s wrong. I’d love to see someone else’s results.

Config File

# resume information
resume-index = 3687
rate =     100.00
randomize-hosts = true
seed = 4219316085641713192
shard = 1/1
adapter =
adapter-ip =
adapter-mac = 00:00:00:00:00:00
router-mac = 00:00:00:00:00:00
output-format = unknown(0)
show = open,,
output-filename =
rotate = 0
rotate-dir = .
rotate-offset = 0
rotate-filesize = 0
pcap =
retries = 0
ports = 80
range =

capture = cert
nocapture = html
nocapture = heartbleed

min-packet = 60


Leave a Reply

Your email address will not be published. Required fields are marked *