Drinking From the Caffeine Firehose We Know as Shodan

Presented at DEF CON 20 (2012), July 27, 2012, 2:30 p.m. (20 minutes)

Shodan is commonly known for allowing users to search for banners displayed by a short list of services available over the internet. Shodan can quite easily be used for searching the internet for potentially vulnerable services to exploit, but it's also a powerful defensive posturing tool as well as the first step in aggregating wide scopes of data for mining. Everyone knows routers, switches and servers are connected to the internet - but what else is out there? Has anybody even looked? I suspect people stop after the popular searches and forego what's left. Did you know there are hydrogen fuel cells attached to the internet? Some of my findings were pretty surprising, and these discoveries are an excellent metric for identifying how successful our security campaigns as an industry are. It's a way to measure our success as a whole, by scanning the entire internet.

Presenters:

  • Dan Tentler / Viss - Information Security Consultant, Gentleman of Fortune   as Viss
    Viss (Dan Tentler) is currently freelancing as a Security Consultant and parachutes into various clients in southern California. During the last 5 years Dan has carried a wide breadth of clients and engagements, ranging from wireless site surveys and penetration testing, to full blown social engineering campaigns, to lockpicking and threat & vulnerability assessments. Dan has presented at various BarCamps, Toorcon San Diego, ToorCon Seattle, Refresh San Diego and SDSU computer security advanced lecture classes. Come find Dan and ask him about things, he'll talk your ear off. Twitter: @viss

Links: