Whether named after the first black belt degree in Japanese martial arts or after the evil AI in the System Shock games, SHODAN The Computer Search Engine is very interesting experiment indeed. In short SHODAN provides a web based interface for data mining various details about computers and services in the public network. Think Google for server banners.
While there are various NMAP-like scanners with a web interface already available in the internetz, SHODAN takes the game to the next level. According to the authors, SHODAN is running a custom built distributed port scanner currently querying publicly available HTTP, FTP, SSH and Telnet services (more ports will be possibly added later) and indexing the banner data returned by the servers. SHODAN also provides various clever filters for sorting out the search results including a world map showing the geolocations and standard CIDR notation can be used to focus the searches to desired IP address ranges only.
Simple, but ah so devastating. Have you ever wondered are there any pre-1993 versions of the Cisco IOS running in the public networks still? Or any open anonymous FTP servers? Surely there are no Microsoft IIS 4.0 web servers in production anymore? The reason you see only three pages worth of results is probably due to the fact that you are not logged in to SHODAN.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment