2016 National Exposure Index

Inferring Internet Security Posture by Country Through Port Scanning

By: Bob Rudis, Chief Security Data Scientist
Tod Beardsley, Senior Security Research Manager
Jon Hart, Senior Security Researcher


This Rapid7 report offers an extensive and technical exploration of data derived from Project Sonar, our security research project that gains insights into global exposure to common vulnerabilities through internet-wide surveys across different services and protocols.  

Given the increased reliance we all have on the internet - for everything from ecommerce, to monitoring the power grid, to adjusting our thermostats - we wanted to leverage the reach of Project Sonar to understand overall internet threat exposure at both a general level and at a country/region level.


Download and read the full report to learn about our key findings, which include:

  • Millions of systems on the internet offer services that should not be exposed to the public network. Our survey uncovered 15 million nodes appearing to offer telnet, 11.2 million appearing to offer direct access to relational databases, and 4.5 million apparent printer services.
  • 4.7 million systems expose one of the most commonly attacked ports used by Microsoft systems, 445/TCP.
  • SSH (secure shell) adoption over telnet (cleartext shell) is gaining ground over telnet, with over 50% of regions offering more ssh servers than telnet servers.
  • Non-web-based access to email (via cleartext POP or IMAP protocols) is still the norm versus the exception in virtually every country.
  • There is a correlation between the GDP of a nation, overall internet "presence" in terms of services offered, and the exposure of insecure, cleartext services.
  • The most exposed nations on the internet today include countries with the largest GDPs, such as the United States, China, France, and Russia.


Fill out the form to download the report

Share to Facebook Share to Twitter Share to LinkedIn
The 2017 National Exposure is Now Available for Download