Analyzing Public Infrastructure with Shodan

Conclusion

Shodan provides a powerful collection of tools for monitoring your own web presence and looking for points of entry. Of course, you could obtain much of this information yourself using scanning tools or a full-blown pen test study, but Shodan can provide convenience, reduced overhead, and a smaller learning curve in many contexts. The Shodan toolkit lets you view your web resources as an attacker would see them. Alternatives to Shodan include ZoomEye and Censys, which are tools that gather intelligence and insight into vulnerabilities.

Shodan Filters

Cloud

  • cloud.provider
  • cloud.region
  • cloud.service

General

  • hostname
  • isp
  • os
  • org
  • ip

Restricted

  • tag
  • vuln

SNMP

  • snmp.contact
  • snmp.location
  • snmp.name

SSL

  • ssl.version
  • ssl.cipher.name
  • ssl.cipher.bits
  • ssl.cert.extension
  • ssl.cert.fingerprint

Bitcoin

  • bitcoin.ip
  • bitcoin.ip_count
  • bitcoin.port
  • bitcoin.version

Telnet

  • telnet.option
  • telnet.will
  • telnet.option

NTP

  • ntp.ip
  • ntp.ip_count
  • ntp.more
  • ntp.port

Screenshot

  • screenshot.hash
  • screenshot.label

HTTP

  • http.component
  • http.status
  • http.title
  • http.waf
  • http.server_hash

Infos

  1. Shodan: https://www.shodan.io/
  2. Shodan Products page: https://www.shodan.io/about/products
  3. Shodan registration: https://account.shodan.io/register
  4. pandas: https://pandas.pydata.org/

The Author

Michael K. Aboagye is a systems security engineer interested in deploying secured virtualized systems as well as securing monolith and distributed systems.

« Previous 1 2 3

Buy this article as PDF

Download Article PDF now with Express Checkout
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
SUBSCRIPTIONS
Print Subscriptions
Digital Subscriptions

Related content

  • Smart Home Security

    Many IoT devices are so poorly protected against attacks that it is easy for an intruder to slip inside. With the right tools and best practices, you can bar the door.

    more »
  • Introduction

    This month in Linux Voice.

    more »
  • Capture the Flag

    TryHackMe's Capture the Flag puzzles are a useful source for users who want to learn about ethical hacking and penetration testing.

    more »
  • Search Engines

    If you are interested in data privacy, you might want to try an alternative search engine. We discuss a few search engines that serve up good results, along with an option for setting up your own search engine.

    more »
  • Nmap Scripting

    Nmap is rolling out a new scripting engine to automatically investigate vulnerabilities that turn up in a security scan. We’ll show you how to protect your network with Nmap and NSE.

    more »
comments powered by Disqus