SYSTEMS AND METHODS FOR PERFORMING TARGETED SCANNING OF A TARGET RANGE OF IP ADDRESSES TO VERIFY SECURITY CERTIFICATES

摘要

The present disclosure is directed towards systems and methods for scanning of a target range of IP addresses to verify security certificates associated with the target range of IP addresses. Network traffic may be monitored between a plurality of clients and a plurality of serves over an IP address space. Traffic monitors positioned intermediary to the plurality of client and the plurality of servers can identify a target range of IP addresses in the address space for targeted scanning. The target range of IP address may be grouped into a priority queue and a scan can be performed of the target range of IP addresses to verify a security certificate associated with each IP address in the target range of IP addresses. In some embodiments, a rogue security certificate is detected that is associated with at least one IP address in the target range of IP addresses.

主权项

1. A method of scanning Internet Protocol (IP) addresses to identify rogue security certificates, comprising:
identifying, by a device intermediary to a plurality of clients and a plurality of servers, a plurality of Internet Protocol (IP) addresses in an IP address space for targeted scanning to identify at least one IP address providing a rogue security certificate, each IP address of the plurality of IP addresses identified based on network activity corresponding to the IP address; determining, by the device, for each IP address of the plurality of IP addresses, a priority level to assign to the IP address based on the network activity corresponding to the IP address; assigning, by the device, the determined priority level to each IP address of the plurality of IP addresses; and providing, by the device, the plurality of IP addresses and the corresponding assigned priority levels to a scanning agent to scan the plurality of IP addresses based on the corresponding assigned priority levels to identify the at least one IP address of the plurality of IP addresses that provides the rogue security certificate.