Unlike Google, which searches the web for sites, Shodan moving side channels? Shodan is something like "dark" Google.
This search finds servers, web cameras, printers, routers and other devices that are connected to them.
 |
| Shodan search engine |
Shodan is open 24 hours a day and collects information on about 500 million connected devices and services each month. Its amazing what all can be found - a myriad of lights, security cameras, home appliance and heating system. All of them are connected to the Internet, and very easy to spot. People who have used Sohdan managed to find the control systems for the water park, a petrol pump, cooler for wine in the hotel and crematory. Some researchers who dealt with the safety of the internet even have managed to locate the command and control systems for nuclear power plants. What is important to mention is the fact that most of these devices in itself has no security protocol. If only typing in the search box "default password" will discover numerous printers, servers and control devices that use "admin" for the username and "1234" for the password. Many of connected systems do not require a password to have access to them.
All you need is a web browser to connect them. One of the experts in security on the Internet, Den Tentler at a news conference on the web security demonstrated how he uses Shodan. Den in his demonstration showed how could melt or freeze ice rink in Denmark simple push of a button. System for flight control of a city was connected to the Internet and Den was able to switch to a "test mode" simple command. The biggest question that arises is: "Why are all these devices connected to the Internet?” Some of the devices are designed to be connected, such as door locks that can be controlled by a smart phone. People believe that many of these devices are very difficult to find, so do not worry much about their security. An even bigger problem is that many of these devices in general should not be connected to the Internet.
Companies often buy systems that allow them to control, say, a heating system with the help of computers. How do they connect the computer with the heating system? Instead they connect directly; many IT departments are only connecting with web server - which means that they unintentionally share with the rest of the world. Fortunately, Shodan is mainly used for good things. Madera is limiting the number of searches at 10 if you do not have an account and 50 if it has an account. If you want to see everything that Shodan has to offer, it is necessary to leave a lot more data about themselves, but also to pay. Shodan most used by professionals from internet security, academic researchers and law enforcement agencies.
EmoticonEmoticon