Wouldn’t it be cool if we could get access to and control of security cameras, printers, toasters, traffic lights, gas stations, nuclear power plants, monitoring stations, etc.? Well, that’s exactly what Shodan does for us. Basically, Shodan is a search engine that helps users find specific devices (routers, servers, switches, computers, etc.) that are connected to the internet.
This search engine was created by John Matherly and launched back in 2009. What makes Shodan different from other search engines is its algorithm, and definitely the way it brings together the devices linked to the internet. Some define it as a reconnaissance tool, since it gives information about open ports, service versions, server information and much more about the specified devices. A penetration tester would use this engine to find publicly exposed information about a targeted IP. Security researchers would use it to find certain devices or information, generate reports and distribute them among the security community, whereas the same information could also be used by the black hat community to exploit the targeted network and cause damage to those vulnerable devices.
Most connected devices tend to be vulnerable in one way or another. A script kiddie with no prior knowledge of how things work could use this engine to find wide-open devices that use a default password, or no password in some cases, and then claim to have hacked certain devices and act cool among their circle of friends. Well, isn’t that cool? (And by saying that I don’t motivate you to act illegally.) Exactly, that’s what has happened and what is happening. Some time back, security researchers found a huge number of vulnerable monitoring devices that used a default username and default password, or no password at all.
Back in the day, people used Google dorks to find out “How to hack IP camera” or so, but with Shodan you can now act as a Hollywood hacker and act cool (and again, by saying this I don’t motivate you to act illegally either). A huge number of devices are widely exploited and used by cyber folks and kids. IP cameras are just a simple example. Not only IP cameras, but the devices I mentioned in the very first sentence are online and can be seen on Shodan; they are widely vulnerable and could easily be exploited by folks with malicious intent from the dark.
It is always a best practice to change your default usernames and passwords, close unused ports, update your devices to the latest firmware and the latest kernel release, patch vulnerabilities that have been made public, not open any port unless you really need it, and at least follow security-related news to know what’s going on in the security community.
Finally, remember this adage: “Bridge when you can and route when you must.” You might need it someday, folks.