See Your IoT Digital Footprint (and Security Vulnerabilities) with Shodan - LEKULE

Breaking

10 Aug 2016

See Your IoT Digital Footprint (and Security Vulnerabilities) with Shodan

Discover a unique search engine: Shodan provides information about every device connected to the internet.

We're all familiar with search engines. You might even have found this article through one. The most popular search engine in the world, Google, functions by pulling information from their index of the web based on queries. It and other search engines are useful for finding answers to questions and connecting with others.

But by comparison, the Shodan search engine allows you to search any device that is connected to the internet, included servers, webcams, and video games.

Shodan shows a density map of where that connected device is being used in large quantities. In essence, it helps you understand what devices are connected to the internet and where they are.
You can search by the type of device as well as the name of the device. Once you click on a specific device, you can log into it to view all sorts of data and see what the device sees.
Yes, you read that right. Shodan can help you see what an unprotected connected device sees. You could theoretically look around using a device such as a webcam, security camera, or computer.
However, in order to access most of the features, you do have to sign up for a free account.

Walkthrough of a Search

In the search box, you can type in any keyword that may interest you:



For instance, typing in “Power Plant” brings up a list of 21 results that may show any of the following pieces of information (or even other pieces of information):
  • IP address
  • website name
  • type of device
  • country
  • date the device was added
  • name of the owner 
What's displayed varies based on the type of device, what information the owner shares, and what information is available.
Clicking on the first IP address on the list of the devices shows a more detailed map of where a device is located, what organization owns it, when it was last updated, and its Autonomous System Number (ASN). All of this information and more is listed on the left-hand side.
On the right-hand side, the ports being used by connected drives are listed, followed by a detailed description of each port listed in numerical order. The details of each port may include what type of port it is, what protocols it is using (such as tcp, snmp, or udp), and any keys or names it may be using.

Exploring Shodan

From any page, the top menu bar has a button that says “Explore”. If you click on it, Shodan will show you Featured Categories, Top Voted, and Recently Shared. Following these links will take you to a list within that category or a choice between other subcategories.



For instance, clicking on “Databases” shows a list of several different database technologies such as MongoDB and MySQL. Clicking on “Explore MySQL” shows a list of the devices connected to the internet that are somehow related to MySQL. The concentration of those uses is displayed on a map with the darker color indicating a larger concentration of MySQL devices in this case.
Also displayed is a list of the top five organizations using MySQL, the top versions, and the top operating systems.
Clicking on a country name shows a list of the top cities using the database system— and clicking on a city name further narrows down the devices using the database. Clicking on an organization, operating system, or versions also will also filter the results further.


Click to enlarge.

The information in all of the search queries can always be saved or sent to an email address. The Shodan technology can also be used through an API and incorporated it into your own website or application.

You can use Shodan for good or ill—to see how protected your information is or to see how vulnerable other devices are. Or, you can simply use Shodan to satisfy your curiosity about how many people are using a particular device in an area.


In any case, Shodan is a fascinating look into the Internet of Things, helping us all get a clearer idea of how vast and deep it truly is.

No comments: