Ep 21 Shodan.io

21 Shodan.io

Hello and welcome back to USB our Guest, Cyber Security tips. Thank you for taking a few minutes out of you day to listen. It's a great way to help protect yourself from cyber-a ttacks. Today's episode covers the website Shodan.io. There is a great article on DanielMiessler.com that explains shodan from a high level overview and a small tutorial on search examples. I'll add it to the show notes.

Shodan.io as described on it's website is a search engine for the Internet of things. Webcams, routers, servers, smart TVs, smart speakers, refridgerators, garage door openers, but more alarmingly industrial control systems, medical devices, and traffic lights can all be found via this search engine.

Shodan was launched in 2009 by John Matherly so it's been around for a while. It has a free version and paid versions, where the paid version has more data accessible. It was created to search for devices linked to the internet. For instance, in order for these devices to be accessed remotely by their users or for important security updates, they need access to the internet. They access the internet through ports on the device. Shodan searches the internet for these devices and returns info from banners, or metadata about software running on a device. Shodan's search results have continued to skyrocket with devices added to the Internet of things.

Shodan's usefulness is two-fold. Yes, black hat hackers can use it to search for and attempt to access anything connected to the internet.From there they could use credential stuffing on an exposed login screen to gain access.  But more than that, the good guys use shodan as well for the very same reason but To search their exposed, vulnerable devices, and secure them.

The bad guys have always had access to information to identify easy targets. much like if a thief wanted to rob a jewelry store, they would look for stores with no security system and doors that don't lock. Owners of a store or a website owe it to themselves to have doors that lock or require their users to use a vpn to remotely login or some other type of security measure to protect it from the bad guys

So, why tell you about Shodan? To encourage you to protect your devices by adding or changing the password on your router, ring doorbell, garage door opener or smart light bulb or anything you may have connected to the internet. Why is this important? Because some cyber attacks jump off from gaining access to an exposed device connected to a network, such as a hospital, business or your home.

That's all for today.

If I helped you at all please consider supporting the podcast in any of the following ways. The easiest is to shop on Amazon through the podcast's store link which is located in the show notes and the podcast description. When you need to buy something on amazon, Click on the link, and buy as you normally would.  Or, go to anchor.fm/usbog and use the 'Support button'. And as always Rate and review the show on whatever platform you use to listen

Thank you for listening and have a great day