Shodan Computer Search Engine


1 Shodan Computer Search Engine
Matt Jennings

2 Road Map
- What is Shodan?
- How does Shodan work?
- HTTP banners
- Example searches
- Who uses Shodan?
- Conclusion

3 What is Shodan?
- Shodan is a computer search engine
- Developed by John Matherly and launched in 2009
- Originally developed for marketing research purposes
- Shodan is somewhat similar to Google, Bing, Yahoo etc.

4 What is Shodan?
Media Attention
- People were able to access power plants, hockey rinks, red-light cameras, webcams, particle accelerators
- Brought to light the lack of security

5 How does it work?
Google
1.) Crawl the web for data
2.) Index
3.) Search
Shodan
1.) Probes ports of nodes
2.) Grab HTTP headers
3.) Index HTTP headers
4.) Search
Instead of searching for web content, you are searching for information from HTTP headers

6 Service Headers
- Information can be gathered from HTTP (port 80), FTP (21), SSH (22) and other service headers
- Headers contain information such as date, server, last updated, connection, content type, welcome message, etc.

7 Example HTTP response header

8 Shodan
Does not require account creation to search
Without account:
- Only 10 results per query
- Can't filter by 'country' or 'net'
With account:
- 50 results per query
- Increased filters
- Export XML data

9 Shodan Filters
Syntax: 'filter:value' with boolean operators (+,-,|)
- city and country: city:"Pittsburgh" + country:US
- geo: geo:32.8,-117,50
- hostname: hostname:.ca
- net: net /24
- port: port:21 (ftp)
- os: os:"windows 2000"
- SSL filters

10 GUI Country Filter
- USA first with 55 million hosts
- China in 2nd with 17 million hosts

11 city:"Beijing" + country:China

12 hostname:.edu

13 Compound Search port:110 city:"New York" os:"Windows XP"

14 General Search “tomcat 6.0”
* Any text within the banner is searchable through Shodan

15 Network Radar

16 What we can learn from HTTP status codes
Can understand authentication properties through the status of the HTTP request
HTTP status codes
- 200 OK: Request has succeeded
- 401 Unauthorized: WWW-Authenticate header
- 403 Forbidden: Authorization will not work to access this resource
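
An added example, not part of the original presentation: a short Python audit that parses a captured HTTP response header and reports what its status code and headers disclose about authentication, following the 200/401/403 reading on this slide. The banners, server name and realm are constructed, and the function names are hypothetical; feed it headers collected from devices you administer.

```python
# Added example: read a banner the way a header indexer would (slides 5, 6, 16).
# All sample banners below are constructed for illustration.
import re

def parse_banner(raw: str):
    """Split a raw HTTP response header block into (status_code, headers)."""
    lines = raw.replace("\r\n", "\n").strip().split("\n")
    m = re.match(r"HTTP/\d(?:\.\d)?\s+(\d{3})", lines[0])
    if not m:
        raise ValueError("not an HTTP status line: %r" % lines[0])
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break  # blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(m.group(1)), headers

def audit_banner(raw: str) -> dict:
    """Report what an indexed banner reveals about a device's authentication."""
    status, headers = parse_banner(raw)
    finding = {"status": status, "server": headers.get("server"), "realm": None}
    if status == 200:
        finding["auth"] = "none: content served without credentials"
    elif status == 401:
        challenge = headers.get("www-authenticate", "")
        realm = re.search(r'realm="([^"]*)"', challenge, re.I)
        finding["realm"] = realm.group(1) if realm else None
        finding["auth"] = "required: " + (challenge.split(" ")[0] or "unknown scheme")
    elif status == 403:
        finding["auth"] = "forbidden: credentials will not grant access"
    else:
        finding["auth"] = "undetermined from status code"
    return finding

# Constructed banners for three hypothetical devices on your own network.
OPEN = "HTTP/1.0 200 OK\r\nServer: example-httpd/1.0\r\nContent-Type: text/html\r\n\r\n"
LOCKED = ('HTTP/1.1 401 Unauthorized\r\nServer: example-httpd/1.0\r\n'
          'WWW-Authenticate: Basic realm="Device Admin"\r\n\r\n')
DENIED = "HTTP/1.1 403 Forbidden\r\nDate: Thu, 01 Jan 2015 00:00:00 GMT\r\n\r\n"

if __name__ == "__main__":
    for name, raw in (("open", OPEN), ("locked", LOCKED), ("denied", DENIED)):
        print(name, audit_banner(raw))
```

A 200 finding on a management interface is the one to act on first: it means the page was served with no credentials at all, and the Server and realm strings are exactly the text a banner search would match.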

17 Example 200 OK request “cisco 200 ok country:BR”

18 Cisco 200 OK

19 Example 401 Authorization Request
“cisco 401 country:br”

20 Example 401 Authentication Header “admin+1234”

21 ICS-CERT Recommendations
- Place all important systems behind a firewall and separated from other networks
- Use VPN
- Rename and change password of any default accounts
- Use lockout policies to prevent brute force attempts
- Strong password policies

22 Who uses Shodan
- Cybersecurity professionals
- Researchers
- Penetration testers
- Law enforcement
- Cybercriminals - Identify open networks and notify users about them

23 Conclusion
- Seems scary
- Huge resource of information
- Not anonymous
- Increased security of devices

24 References http://www.shodanhq.com/

25 Questions

