If you haven't seen Shodan yet, you're probably not using Twitter as a means to meet underway on security issues. Shoot, I don't modify follow anyone and I heard most it. Basically a technologist named Evangelist Matherly scanned a Brobdingnagian track of the Internet for destined TCP ports (80, 21, 23 at least) and publicised the results in a database with a pleasant Web front-end. This means you can put your nous in Google hacking mode, find undefendable platforms, maybe add in whatever choice passwords (or not), and verify over someone's system. We're several steps along the Intrusion as a Service (IaaS) line already!Incidentally, this idea is not new. I undergo at small one consort that sold a service same this in 2004. The difference is that Shodan is liberated and unstoppered to the public. Shodan is a dream for those wanting to spend Thanksgiving looking for undefendable boxes, and a situation for their owners. I would not be surprised if shodan.surtri.com disappears in the incoming some life after receiving a call or digit from TLAs or LEAs or .mil's. I prognosticate a mad vex by intruders during the incoming 24-48 hours as they ingest Shodan to locate, own, and bonded boxes before others do.Matt Franz asked beatific questions most this site in his place Where's the Controversy most Shodan? Personally I conceive Shodan module disappear. Many module debate that business aggregation most systems is not a problem. We center similar arguments from people defending sites that publicize torrents. Personally I don't hit a difficulty with Shodan or stream sites. From a individualized responsibility supply it would hit been pleasant to delay notification of Shodan until after Thanksgiving.Copyright 2003-2009 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)
0 komentar:
Post a Comment