Scribd Logo
Upload

Welcome to Scribd!

  • Shodan: Exploring The Dark Internet: Bill Matonte, Brian Brokling, Chris Hamm

    Uploaded by

    Sophia Camargo
    7 views9 pages
    Uso Shodan

    Original Title

    ShodanandICSsystems (1)

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Uso Shodan

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    7 views9 pages

    Shodan: Exploring The Dark Internet: Bill Matonte, Brian Brokling, Chris Hamm

    Uploaded by

    Sophia Camargo
    Uso Shodan

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 9

    Shodan:

    Exploring the
    Dark Internet
    Bill Matonte, Brian Brokling, Chris
    Hamm

    Overview
    What is Shodan
    o The dark Internet
    o The Shodan Story
    o How Shodan works

    Industrial Control Systems(ICS) and their


    vulnerabilities
    Countermeasures

    The Dark Internet

    In order to understand SHODAN, you must


    understand where SHODAN operates. That is, the
    dark Internet.
    As soon as 2001, there could have been as many
    as 100,000,000 hosts that are completely
    unreachable.
    Many of these websites can be reached through
    "secure gatekeepers", but the security can be
    very lax.

    The Shodan Story


    SHODAN was thought of in 2003 and launched in 2009.
    SHODAN is the brainchild of John Matherly. He named his creation
    off of the evil artifical intellegence entity, SHODAN, from the
    System Shock series of video games.
    The main idea behind SHODAN is that there are many nodes on
    the internet, especially industrial and commercial systems, that
    use the internet, but are not normally considered part of it.
    SHODAN changes this paradigm.

    Industrial Controls
    Systems(ICS)
    Include Many Essential
    Infrastructure
    o Nuclear power plants
    o Chemical processing plants
    o Energy pipeline monitoring
    and control

    Operate and monitor


    systems remotely
    Reduces cost
    Increases security risk
    Designed for function
    not security

    http://www.ipcprotects.com/images/control-networksecurity-diag-big.jpg

    ICS Continued
    Lack basic security features
    o Encryption, Firewalls, Anti-Virus Software

    Systems difficult to update


    Default passwords often unchanged as a safety
    feature"
    Before 2011 thought to be Air-Gapped
    In 2011 it was revealed that 7500 ICS nodes were
    exposed
    Only 17% required Passwords
    20.5% were susceptible to known exploits.

    Shodan the Search Engine


    Optimized to search for systems
    Uses Indexed meta-data stored in banners
    Filter information from banners to find vulnerable
    systems
    DEMO!!!

    Countermeasures
    Restrict your devices to only allow packets to be
    broadcast inside the internal LAN
    Restrict what IP addresses can access your
    network from the internet
    Use VPN to remote access your network
    Change all default device passwords to
    something else
    Surpress or minimize verbose banners
    Run Shodan against yourself
    o see if you can find yourself with Shodan

    Works Cited
    "Frequently Asked Questions." SHODAN. N.p., n.d. Web. 22 Apr. 2014. <http://www.shodanhq.com/help/faq>.
    Goldman, David. "Shodan Finds the Internet's Most Dangerous Spots." CNNMoney. Cable News Network, 02 May 2013. Web. 22
    Apr. 2014.
    Goldman, David. "Shodan: The Scariest Search Engine on the Internet." CNNMoney. Cable News Network, 08 Apr. 2013. Web. 22
    Apr. 2014.
    Graddy, Marchello, and Dennis Strouble. "Critical Infrastructure Control Systems Vulnerabilities." International Conference on
    Information Warfare and Security. Reading. N.p.: Academic Conferences International Limited, 2010. 106-XIII. Web. 22 Apr. 2014.
    Hill, Kashmir. "Camera Company That Let Hackers Spy On Naked Customers Ordered By FTC To Get Its Security Act Together."
    Forbes. Forbes Magazine, 04 Sept. 2013. Web. 22 Apr. 2014.
    Hill, Kashmir. "The Crazy Things A Savvy Shodan Searcher Can Find Exposed On The Internet." Forbes. Forbes Magazine, 05 Sept.
    2013. Web. 22 Apr. 2014.
    ICS-CERT. "Alert (ICS-ALERT-11-343-01A)." Control System Internet Accessibility (Update A). Deopartment Of Homeland Security,
    21 June 2012. Web. 22 Apr. 2014.
    Leverett, Eireann. "Quantitatatively Assessing and Visualizing Industrial System Attack Surfaces." Diss. U of Cambridge, 2011.
    Leveret-Industrial. Web. 23 Apr. 2014. <"https://www.cl.cam.ac.uk/~fms27/papers/2011-Leverett-industrial.pdf>.
    NERC. "Control Systems Security Working Group(CSSWG)." NERC. North American Electric Reliability Corporation, n.d. Web. 23
    Apr. 2014. <http://www.nerc.com/>.
    O'Harrow, Robert, and Jr. "Cyber Search Engine Shodan Exposes Industrial Control Systems to New Risks." The Washington Post.
    N.p., 27 Dec. 2012. Web. 8 Apr. 2014.
    United States. Department of Energy.Office of Scientific and Technical Information, United States. Department of Energy, and Idaho
    National Laboratory. Introduction to SCADA Protection and Vulnerabilities. Washington, D.C; Oak Ridge, Tenn: United States. Dept.
    of Energy, 2004. Web.
    Wiess, Aaron. "5 Tips to Protect Networks Against Shodan Searches." - ESecurity Planet. N.p., n.d. Web. 21 Apr. 2014.
    <http://www.esecurityplanet.com/network-security/5-tips-to-protect-networks-against-shodan-searches.html>.

    You might also like