By Collin Donaldson

What is it?
- Shodan is a search engine that allows you to look for devices connected to the internet using service banners.
- When you connect to a server listening on a given port, the server (usually) responds with a service banner.
- Service banner: a block of text about the given service being performed.

The How
- Shodan uses a technique called "banner grabbing".
- Banner grabbing is an enumeration technique used to glean information about computer systems on a network and the services running on their open ports.
- Shodan indexes banners instead of web content.
- Admins can use it to keep tabs on the services and systems on their networks.
- Hackers can use it to expose potential targets.

Potential Targets
- Routers
- Webcams
- SCADA systems
- Traffic lights
Note: Be careful what you try to access!

Service Banner Example
We now have the HTTP, Server (Boa is a lightweight server for embedded systems such as Androids), and the default password.
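For the admin use case described under "The How", an added example (not part of the original slides) that reads the banner of a service you run and lists what it discloses, in the spirit of the Boa banner on this slide. The sample banners, version numbers, realm text and function names are constructed for illustration.

```python
import re
import socket

# Constructed sample banners; product versions and realm text are invented.
SAMPLE_HTTP = ("HTTP/1.0 401 Unauthorized\r\n"
               "Server: Boa/1.2.3\r\n"
               'WWW-Authenticate: Basic realm="Default password:1234"\r\n'
               "Content-Type: text/html\r\n\r\n")
SAMPLE_FTP = "220 ExampleFTPd 1.2.3 ready\r\n"


def grab_banner(host, port, probe=b"", timeout=3.0):
    """Connect to a service you administer and return what it announces."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        if probe:  # HTTP stays silent until it receives a request
            s.sendall(probe)
        try:
            data = s.recv(4096)
        except socket.timeout:  # open port, but nothing sent back
            data = b""
    return data.decode("latin-1")


def audit_banner(banner):
    """Return (field, value, reason) for each detail the banner discloses."""
    findings = []
    lines = banner.splitlines()
    first = lines[0] if lines else ""
    # Non-HTTP services (FTP, SMTP, ...) greet with one free-text line.
    if first and not first.startswith("HTTP/") and re.search(r"\d+\.\d+", first):
        findings.append(("greeting", first, "software version disclosed"))
    # HTTP: collect header fields up to the blank line that ends them.
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    server = headers.get("server", "")
    if re.search(r"/\d", server):
        findings.append(("Server", server, "product and version disclosed"))
    elif server:
        findings.append(("Server", server, "product disclosed"))
    realm = re.search(r'realm="([^"]*)"', headers.get("www-authenticate", ""))
    if realm and re.search(r"passw|default|admin", realm.group(1), re.I):
        findings.append(("WWW-Authenticate", realm.group(1),
                         "realm text hints at credentials"))
    return findings
```

Run `audit_banner(grab_banner(host, 80, b"HEAD / HTTP/1.0\r\n\r\n"))` against your own devices; an empty list means the banner gives away none of the details checked here.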

Getting Started: Create an Account

Familiarize Yourself
- Shodan has similar features and functionality to other search engines, but the searches are quite different.
- Check out "popular searches" for some starting tips.
- You can filter by banner type, port, OS, country, latitude/longitude, etc.
- Example: cisco country:IN port:5060 net: /24
- Result on next slide

Citycom Networks Pvt, New Delhi, India

Some Useful Search Terms
- Use net:your.ip.add.ress or net:your.ip.add.0/24 to pen-test your own network.
- "iis/5.0" for Internet Information Services.
- Network/company type names ("Cisco", "Apache", "Telnet", etc.).
- Search for the software used by your type of target (e.g. "webcamxp" is common webcam software).

User Authentication
- Some servers require authentication.
- Use lists of common default usernames and passwords such as
- You could also use more advanced tools like Cain and Abel if you really want to break a password.