Shodan is a search engine for vulnerable Internet devices: a specialized search engine that crawls the web exclusively for devices that are publicly accessible in one way or another. The search engine concentrates on SCADA (supervisory control and data acquisition) systems, and findings range from stand-alone workstations to wide area networking configurations.
One of the best ways to get started with the search engine is to either take the tour or click on one of the popular search queries displayed on its front page. Examples include searches for routers that use the default admin password, web services that use default passwords, anonymous FTP servers, or Cisco devices that do not require authentication at all.
The engine works much like any other search engine, but with a few extras to customize queries further. The filters page on the official website lists the available filters, which include filters for ports, host names, locations and operating systems. The query country:us port:23 searches the service's database for Telnet ports in the US.
You can filter by country or service right from the main page by clicking on the down arrows beneath the search form. Here you can select one or multiple countries that you want to include in the search as well as popular services.
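Added example, not from the original article or from Shodan: a simplified local model of how a filter query such as country:us port:23 narrows results, run against a constructed inventory of one organization's own Internet-facing services to see which of them such a query would surface. The record fields, the AND-combination of filters and the substring match for host names are assumptions of this model, not Shodan's implementation.

```python
import shlex

# Filter kinds the article names: ports, host names, locations, operating systems.
FILTERS = {"port", "hostname", "country", "os"}

# Constructed inventory of one organization's own Internet-facing services
# (documentation-range addresses, invented banners; field names are assumptions).
INVENTORY = [
    {"ip": "192.0.2.10", "port": 23, "hostname": "gw1.example.com",
     "country": "US", "os": "Linux", "banner": "router login:"},
    {"ip": "192.0.2.11", "port": 443, "hostname": "www.example.com",
     "country": "US", "os": "Linux", "banner": "HTTP/1.1 200 OK"},
    {"ip": "198.51.100.5", "port": 23, "hostname": "plc.example.org",
     "country": "DE", "os": None, "banner": "Telnet ready"},
    {"ip": "203.0.113.7", "port": 21, "hostname": "files.example.net",
     "country": "US", "os": "Windows XP",
     "banner": "220 FTP ready, anonymous login ok"},
]

def parse_query(query):
    """Split a query into ({filter: value}, [free-text terms]), lower-cased."""
    filters, terms = {}, []
    for token in shlex.split(query):          # honours os:"windows xp"
        key, sep, value = token.partition(":")
        if sep and value and key.lower() in FILTERS:
            filters[key.lower()] = value.lower()
        else:
            terms.append(token.lower())       # unknown prefix: plain text term
    return filters, terms

def matches(record, filters, terms):
    """True when every filter and every free-text term matches (assumed AND)."""
    for key, wanted in filters.items():
        have = record.get(key)
        if have is None:                      # missing field never matches
            return False
        have = str(have).lower()
        if key == "hostname":
            if wanted not in have:            # substring match (assumption)
                return False
        elif have != wanted:
            return False
    banner = record.get("banner", "").lower()
    return all(term in banner for term in terms)

def exposed(query, inventory=INVENTORY):
    """IPs from the inventory that the query would surface."""
    filters, terms = parse_query(query)
    return [r["ip"] for r in inventory if matches(r, filters, terms)]
```

Each added filter narrows the result set, so an inventory entry that still matches a narrow query is a service worth reviewing first.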
Shodan makes available content that is already publicly accessible. It does not crack, hack or decrypt information to make the services available; it only adds information that it finds to its database and makes that database available for searches. There is a high chance that the information it finds gets used by malicious users and organizations, but also by security researchers and businesses. One effect that Shodan may have is to bring security more into the focus of the public.
☛ The complete original article by Martin Brinkmann can be seen here
