A new search engine recently came to my attention that every network person needs to be made aware of. This search engine is called Shodan – a computer search engine. This search engine will allow a user to search for various strings returned when connecting to ports like ftp, ssh, telnet and http. This means I could put in a search string like “cisco country:us port:23“. This would return search results that show any device returning a banner on port 23 (telnet) that has the word “cisco“.

This is scary stuff! This is similar to doing a network scan using nmap and grabbing banners from ports, but this search engine makes scanning individual hosts obsolete.

Here’s an interesting blog post about Shodan: Is SHODAN really controversial? The author followed it up with Taking SHODAN for a spin. Check out the results from this Google search for “Shodan computer search“. If some of those threads don’t scare you, then… maybe you are not an IT person!

Looks like I need to spend some time visiting Shodan to see if there’s some tightening up I need to do on systems I manage! Have you tried Shodan or anything similar? Share your experiences with other ITKE readers.

Thanks for reading and let’s continue to be good network citizens.