The Dark Side Of The Internet: A Search Engine That Finds Unsecured Routers, Servers & A Whole Lot More

Shodan logoDeveloped by John Matherly, Shodan is a search engine designed to help users find certain pieces of software, determine which applications are most popular, identify anonymous FTP servers, or investigate new vulnerabilities and what hosts they could infect.

It also serves as a window into millions of unsecured online connections.

According to an article on CNN Money, Shodan runs nonstop, collecting data from approximately 500 million connected devices and services each month. Through a simple search on Shodan, a user can identify a number of systems that either have no security measures in place or generic passwords that can be hacked easily, leaving countless organizations open to hazardous attacks.

shodan

During last year’s DEF CON 20, independent security penetration tester Dan Tentler confirmed a number of unsecured systems he located using Shodan, including a car wash that could be turned on and off remotely, a hockey rink in Denmark that could be defrosted with a click of his mouse, and a traffic control system for an unnamed city that could be put in “test mode” with one command entry.

The biggest security flaw, says Matherly, is that many of these systems should not be connected to the Web, “Of course there’s no security on these things. They don’t belong on the Internet in the first place.” Citing that many systems can be controlled by a computer, IT departments will hook them up to a server, unintentionally making systems and devices available to anyone with an Internet connection.

The most common users on Shodan include security professionals, academic researches and law enforcement agencies. Users without a Shodan account will retrieve up to ten results per search, while account users get 50 results per search. To see everything Shodan can serve up, users are required to give more information about what they want to find and pay a fee.

Matherly admits to CNN Money that Shodan could be used for criminal purposes, but says most cybercriminals have access to botnets that achieve the same results.

Related Topics: Channel: Consumer | Legal: Crawling & Indexing | Legal: Privacy | Legal: Security | Search & Society | Search Engines | Search Engines: Meta Search Engines | Search Features: Safety

Sponsored


About The Author: is Third Door Media's General Assignment Correspondent, and reports on the latest news and updates for Marketing Land and Search Engine Land. From 2009 to 2012, she was an award-winning syndicated columnist for a number of daily newspapers from New York to Texas. With more than ten years of marketing management experience, she has contributed to a variety of traditional and online publications, including MarketingProfs.com, SoftwareCEO.com, and Sales and Marketing Management Magazine. Read more of Amy's articles.

Connect with the author via: Email | Twitter | Google+ | LinkedIn



SearchCap:

Get all the top search stories emailed daily!  

Share

Other ways to share:
 

Read before commenting! We welcome constructive comments and allow any that meet our common sense criteria. This means being respectful and polite to others. It means providing helpful information that contributes to a story or discussion. It means leaving links only that substantially add further to a discussion. Comments using foul language, being disrespectful to others or otherwise violating what we believe are common sense standards of discussion will be deleted. Comments may also be removed if they are posted from anonymous accounts. You can read more about our comments policy here.
  • http://www.facebook.com/profile.php?id=100001379234891 Suren Sarukhanyan

    Is it under DDoS ? I can’t open it…

Get Our News, Everywhere!

Daily Email:

Follow Search Engine Land on Twitter @sengineland Like Search Engine Land on Facebook Follow Search Engine Land on Google+ Get the Search Engine Land Feed Connect with Search Engine Land on LinkedIn Check out our Tumblr! See us on Pinterest

 
 

Click to watch SMX conference video

Join us at one of our SMX or MarTech events:

United States

Europe

Australia & China

Learn more about: SMX | MarTech


Free Daily Search News Recap!

SearchCap is a once-per-day newsletter update - sign up below and get the news delivered to you!

 


 

Search Engine Land Periodic Table of SEO Success Factors

Get Your Copy
Read The Full SEO Guide