This Blog has Moved!

This blog is moving to


Thank you for visiting! Content will remain here for archival purposes.
Showing posts with label Cyber Intelligence.

Using Shodan to Measure The Security of the Internet

Shodan is a search engine for Internet-connected systems. It indexes them by the header (banner) information their services return, which makes it a quick way to find potentially vulnerable ones.

It allows you to perform a lot of neat tricks, such as seeing what your organization's public footprint looks like, as well as your competitors'. You can use it to find interesting devices such as routers, webcams, printers, etc.

I performed the following searches to see just how many glaringly obvious vulnerable systems are exposed to the internet.

First search: "IIS/5.0". This search returns systems which are running Windows 2000 with an IIS web server. Of course, Windows 2000 and IIS 5.0 are no longer supported by Microsoft, and multiple vulnerabilities are publicly known.

So needless to say, I was quite disturbed when I found half a million exposed IIS/5.0 webservers.

IIS 5.0 on Windows 2000
Surely no one would be running a version of Windows older than Win 2000 and connecting it to the Internet, right?
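The same banner matching can be pointed at your own footprint. The following is an added example, not code from the original post: it parses raw HTTP responses collected from hosts you own and flags `Server` banners naming an IIS release that is out of support. The sample responses, the addresses (documentation range), the function names and the IIS-to-Windows rows other than IIS/5.0 are assumptions added here.

```python
import re

# IIS release -> Windows release it shipped with; all are past end of support.
# IIS/5.0 -> Windows 2000 is from the post; the other rows are added here.
UNSUPPORTED_IIS = {
    "4.0": "Windows NT 4.0",
    "5.0": "Windows 2000",
    "5.1": "Windows XP",
    "6.0": "Windows Server 2003",
}

IIS_TOKEN = re.compile(r"Microsoft-IIS/(\d+\.\d+)", re.IGNORECASE)


def server_banner(raw_response):
    """Return the value of the Server header from a raw HTTP response, or None."""
    head = raw_response.split("\r\n\r\n", 1)[0]   # headers only, never the body
    for line in head.split("\r\n")[1:]:           # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "server":
            return value.strip()
    return None


def audit(responses):
    """Map host -> (banner, Windows release) for every unsupported IIS banner."""
    findings = {}
    for host, raw in responses.items():
        banner = server_banner(raw)
        match = IIS_TOKEN.search(banner or "")
        if match and match.group(1) in UNSUPPORTED_IIS:
            findings[host] = (banner, UNSUPPORTED_IIS[match.group(1)])
    return findings


# Constructed sample responses; addresses are from the documentation range.
SAMPLE = {
    "192.0.2.10": "HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/5.0\r\nContent-Length: 0\r\n\r\n",
    "192.0.2.11": "HTTP/1.1 200 OK\r\nserver: Microsoft-IIS/10.0\r\n\r\n",
    "192.0.2.12": "HTTP/1.1 403 Forbidden\r\nContent-Type: text/html\r\n\r\nServer: Microsoft-IIS/5.0",
    "192.0.2.13": "HTTP/1.0 200 OK\r\nSERVER:Microsoft-IIS/4.0\r\n\r\n",
}

if __name__ == "__main__":
    for host, (banner, windows) in sorted(audit(SAMPLE).items()):
        print(f"{host}: {banner} -> {windows}, unsupported")
```

A banner is self-reported and can be removed or altered, so treat a clean result as inconclusive and a hit as a lead to verify on the host itself.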


Guest Post: I Can Have Most of My Threat Research Tools in a Single Interface?

The following is a guest post submitted to Caffeine Security. The owner of Caffeine Security is not responsible for its content.  This post is being shared because I feel this has the potential to be a very informative webinar.  I previously attended a TrainACE "Hacker's Breakfast" which you can read about in a previous post.

The answer is “Yes”! Join Advanced Security by TrainACE in this FREE, hour-long webinar covering a few aspects of Advanced Threat Intelligence. During this webinar, you’ll be part of a live demo analysis of a suspected malicious URL. Each malicious URL has the potential to completely cripple a company’s network infrastructure and it’s important that any string which looks suspicious be fully analyzed before it falls into the hands of an unsuspecting victim. Attendees will also be shown how to effectively complete the majority of threat research from a single interface. Compiling all data into one spot will make it more manageable and make analysis much more effective. REGISTER HERE NOW; space is limited!

TrainACE is an IT Certification and cyber security training company. This is only one of many free hacking tutorials they provide to the public. They also host regular meet-ups and events to discuss the latest and greatest topics in cyber security. 


About the Author

This is a guest post from Megan Horner, Marketing Coordinator at TrainACE. TrainACE offers advanced cyber security training such as Mobile Hacking and Wireless Security. Follow TrainACE on Twitter @pentesttraining.

Voices in the Static: Proactive Cyber Threat Monitoring

Your network is under attack. Right now. This very moment your public-facing IP address space is being scanned and probed by someone. In fact, the entire Internet is being scanned by so many malicious attackers on a 24/7 basis that the longest an unprotected computer can hope to last on the Internet without being compromised is seven minutes, according to SANS.

So what can you do to help determine what threats to monitor for and which ones to ignore?

Read my Guest Blog Post at Recorded Future to find out more!

Threat Watch Updated with Cyber Threat Forecasting

Thanks to the folks at Recorded Future, I have updated the Threat Watch page with a 90-day cyber threat forecast monitor.


The monitor is also reproduced in this post below:

Cyber Threat Forecast - Next 90 Days via Recorded Future

CaffSec SITREP - Cyber Intelligence for the masses

Leveraging the power of Google Alerts, I have started posting relevant news articles, public exploit releases, and other tidbits of information related to Cyber Security and Information Assurance.

The best way to keep you and your organization prepared for unknown threats is to keep tabs on the current state of the security of the internet.

There are currently three ways to view SITREP messages:

Twitter, following @CaffSec
Tumblr through the CaffSec SITREP blog
The CaffSec Daily SITREP Online Newspaper

Please enjoy these valuable resources!