Upload
totaldefense
View
365
Download
1
Embed Size (px)
DESCRIPTION
Shodan is a computer search engine which scans and searches any online devices such as webcams, routers, printers, iphones etc filtering based on User Agent & Country. Visit http://blogs.totaldefense.com/securityblog.aspxfor cloud-based endpoint security solutions for home and businesses.
Citation preview
Copyright © 2013 TotalDefense, Inc. | All rights reserved www.totaldefense.com Page 1
Shodan: Unstoppable search engine
If until today you were afraid from Google search engine, think again. Meet the Shodan search engine.
Unlike Google that runs various scans on network sites, Shodan concentrates on "the back of the
network”, and scans servers, network cameras, printers, routers and everything that is connected to
the Internet.
The engine, running 24 hours a day, 7 days a week, gathers information on some 500 million devices
and services connected, every single month, and possibly you are there in the search results.
A simple search can show you results you never thought that you could find online, at least not so
simple. From printers and webcams, through management systems of smart homes and traffic lights -
with information available to the public, and usually particularly vulnerable.
Among the surprising systems that the search engine displays, you can also find water parks control
systems, gas stations, wine coolers in various hotels and even control systems of nuclear plants.
While there is no doubt that this is an alarming finding, it becomes even more dangerous when it is
revealed that large part of those servers are not secure at all, and some offer such basic security
system, which allows any hacker who wants it to break in and take control. In fact, a brief search of
concept such as “default password” will present a wide range of devices that have not changed their
basic password, and still use the familiar combination "1234".
While the home site of the search engine looks like any other search engine, there are some filters that
let you find more interesting results - such as specific ports, host names, locations and even operating
systems. Of course you can filter the results by country or service, and get connected to elements most
relevant to you, and maybe even find your printer in the search results.
Copyright © 2013 TotalDefense, Inc. | All rights reserved www.totaldefense.com Page 2
To help ensure the engine is not used for bad purposes, John Matherly, the creator of the search
engine, limited the search results to only 10 for occasional users, and 50 for registered users. The more
users would want information on the various search results, the more they will have to provide more
personal information about themselves, and of course pay for it.
The engine can be used to identify the non-secure connections and handle them before the “bad guys”
notice and decide to take advantage of the situation. Of course the goal is to raise awareness and
inform organizations and institutions on the lack of security - in hopes that they will succeed in
changing the situation.
While it is obvious that malicious users could take advantage and abuse this search engine, most cyber
criminals now running on botnets already have control on many Internet-connected devices, so they
already have broad access to all the information they need to attack, take down or steal. Therefore,
most of the information contained in the search engine already exists for them in other ways, such
information is available to everyone via the Internet, you just have to know how to look for it.
The biggest problem referred here is about devices that are not supposed to be connected to the
Internet at all. IT managers and users often are too lazy to define proper passwords, make connections
properly and make sure their network is secure, hence allowing search results such as water heaters
connected to a network, or systems controlling different parks or facilities.
In light of the fact that there are dozens of hacker groups out there such as the ‘Anonymous’ group,
there is no doubt that the search engine in question holds information that could be worth gold for
groups like this. To avoid the machines and your products to be victims of attack, we encourage you to
make the necessary changes to ensure printers, computers, routers and other equipment protected and
not available to anyone who wants it - even if in the end it is "only" security researchers or bored users.
Copyright © 2013 TotalDefense, Inc. | All rights reserved www.totaldefense.com Page 3
About TotalDefense:
Total Defense(@Total_Defense) is a global leader in malware detection and anti-crimeware solutions. We offer a broad portfolio of leading security products for the consumer market used by over four million consumers worldwide. Our solutions also include the industry’s first complete cloud security platform, providing fully integrated endpoint, web and email security through a single Web-based management console with a single set of enforceable security policies
Total Defense is a former business of CA Technologies, one of the largest software companies in the world, and has operations in New York, California, Europe, Israel and Asia.
Visit http://www.totaldefense.com/ for web, cloud & mobile security solutions for home users and businesses.