About a month ago, there was much news about the release of COFEE into the torrent wild. I even gave my two cents about the much hyped forensics toolkit which is provided to law enforcement for the purposes of easily capturing volatile data from personal computers during evidence collection. A tool to counter COFEE, aptly [...]
We have been continuing to play around with the SHODAN Computer Search Engine after first looking at it last week. We continue to identify a variety of devices we sometimes note on security engagements (although usually on internal networks) that: should not be externally accessible and are either still using factory default credentials or are not using any credentials to access administrative interfaces. Accessing the administrative panels of these devices would allow a bad actor to further compromise the organization running the device on its network. We can quantify that we are seeing results not just for poorly configured home offices or small businesses, but large and medium businesses who would experience significant negative effects when breached or their devices tampered with. We’ll continue to blog about our findings until we get bored with it. Today’s search demonstrates how we found a few hundred accessible interfaces for IP Camera DVR surveillance systems.
IT Administrators responsible for the servers whose listening services are showing up in the search results of the new SHODAN Computer Search Engine should pray that the ethical restrictions of those ‘shodanning’ (googling counterpart?) or searching remain intact. Or better start the implementation of countermeasures (close unnecessary ports, etc).