随着物联网(Internet of Things)成为技术的主要焦点,总的来说,未来似乎是完全互联的。您所有的家庭和办公设备都将通过互联网(Internet)相互连接,以实现无缝体验。但是桥下真的那么阳光明媚吗?让我们探索一个与我们在“黑客”或“网络攻击”电影中看到的接近的潜在世界。Shodan可让您搜索物联网(Internet)或物联网(IoT)设备(Things),以了解哪些设备已连接到互联网(Internet)、它们所在的位置以及谁在使用它们。
(Shodan)物联网(IoT)设备的Shodan搜索引擎
Shodan是一个相对较新的在线工具,可让您搜索所有联网设备。是的,这意味着您认为很聪明的所有恒温器、电视(TVs)和车库开门器现在都可以通过这个搜索引擎访问,清楚地表明一切都是多么脆弱。
潜在地,任何有顽皮思想的人都可以入侵房屋并导致大规模停电,只需单击按钮即可淹没城镇或使发电厂陷入熔毁状态。好吧(Well),所有这些都只是理论上的,几乎不可能像他们在电影中那样做。
这一切都始于Shodan的发明者John Matherly ,(Shodan)他坐下来完成这个新项目,将搜索引擎与世界各地连接的物联网设备的所有信息进行比较。(IoT)这种爱好变成了现在在互联网(Internet)上爬行,每月增加数亿条新记录。
是的,这个搜索引擎的创建只是为了帮助软件公司知道他们的产品在哪里。但这并不是安全研究人员所知道的,他们正在分析这些连接设备的详细信息。Shodan为他们提供了一座桥梁,填补了了解这些设备的影响与拥有大量证据支持它们之间的差距。
Shodan公然指出,虽然世界上大多数人都在将他们的设备连接到互联网(Internet),但其中大多数并不安全。这是一个巨大的安全威胁,大规模的攻击潜伏在角落里。今年应该是“物联网(Internet)”之年。就像现在一样,大多数设备都带有互联网(Internet)连接。但似乎缺少的是对强大的身份验证过程的需求。如果它在谷歌上不可用并不意味着它根本不可用。使用Shodan ,理论上您可以通过(Shodan)Internet控制大型水坝和电力局。
提示(TIP):看看其中一些Google 搜索引擎替代品(Google search engine alternatives),如 Bing、DuckDuckGo 等。
当涉及到实际做坏事时,“理论上”的方面就会出现。如果你有一台笔记本电脑和最少的知识,你不能简单地登录这些智能设备并控制它们。您需要能够设计、编写和配置特殊代码来完成所有这些工作。它需要对连接到设备所需的东西有广泛的了解。
法律的匕首总是悬在你头上。控制设备属于刑事犯罪,如果被发现沉迷于此类活动,您很容易被抓获。强度取决于设备的水平;就在那里。所以,想要做这些非法事情的人并不完全在Shodan上搜索。
Shodan是一个公共平台,需要支付信息才能进行 50 次以上的搜索。伙计们并不希望如此轻易地透露他们的信用卡详细信息。看看这里(here)(here)。
使用Internet of Things Scanner检查您的任何物联网(IoT)设备是否被泄露或公开。
Shodan is a search engine for Internet-connected devices
With Internet of Things being the primary focus for technology, in general, the future seems to be completely connected. All your home and office appliances will be interconnected through the Internet to allow for a seamless experience. But is it all that sunny under the bridge? Let’s explore a potential world that is close to what we have seen in ‘hacker’ or ‘cyber attack’ films. Shodan lets you search for Internet of Things or IoT devices to find out which devices are connected to the Internet, where they are located & who is using them.
Shodan search engine for IoT devices
Shodan is a relatively new tool available online, which lets you search for all Internet-connected devices. Yes, that means all your thermostats, TVs and garage door openers that you thought were smart, are now accessible by this search engine that clearly shows how vulnerable everything is.
Potentially, anyone with a naughty mind, can hack into homes and cause a mass electricity blackout, flood a town or send a power plant into a melt-down at the click of a button. Well, all that’s just theoretical and almost impossible to be done the way they do it in the movies.
It all started with John Matherly, the inventor of Shodan, who sat down with this new project to collate a search engine with all the information on IoT devices connected across the world. That hobby changed into what now crawls the Internet to add hundreds of millions of new records every month.
And yes, this search engine was created only to help software companies know where their products are located. But that’s not what the security researchers know, which is analyzing the details about these connected devices. Shodan provides them with a bridge that fulfills the gap between having an idea about the impact of these devices and having substantial evidence to support the same.
Shodan blatantly points out the fact that while most of the world is getting their appliances connected to the Internet, most of them are not secure. This is a big security threat, with massive attacks lurking in the corner. This year is supposed to be the year of “The Internet of Things”. As in, most devices come with Internet connectivity now. But what seems missing is the need for a strong authentication process. If it isn’t available on google doesn’t mean that it isn’t available at all. With Shodan, you can theoretically control big dams and electricity boards via the Internet.
TIP: Take a look at some of these Google search engine alternatives like Bing, DuckDuckGo, etc.
The ‘theoretically’ aspect comes in when it comes to actually doing the bad things. You cannot simply log into these smart devices and control them if you have a laptop and minimal knowledge. You need to be able to design, write, and configure special code to do all this. It requires extensive knowledge about the things that are needed to connect to the devices.
And there’s always the dagger of law hanging over you. Controlling the devices are criminal offenses, and you can be easily caught if found indulging in such an activity. The intensity depends on the level of the device; that’s there. So, people looking to do these illegal things aren’t exactly searching on Shodan.
Shodan is a public platform and needs payment information to be able to make more than 50 searches. The guys aren’t looking to give out their credit card details so easily. Take a look at it here.
Use the Internet of Things Scanner to check if any of your IoT devices are compromised or known publicly.