OWASP October Monthly Meeting (Note date change)
Details
Speaker: Dan Tentler
Carpe Datum: Drinking from the espresso firehose we know as Shodan
Have you ever stayed up until 5am fiendishly digging around on shodan? I have. More times than I care to admit. I’m starting to find patterns. Shodan is genius. It’s a glorious search engine that catalogs the banners from TCP connections on several ports – for the entire IPV4 internet. This makes for some bodacious late night reading. The findings, on the other hand, are in a lot of cases most heinous. SCADA, Power company networks and controls, thousands of webcams, weed growrooms, .gov/.mil border routers and sharepoint systems. It’s a little overwhelming. I decided to sift it all through a strainer to make it easier to take in. So I wrote a scraper script and a viewer to better parse the results! Come with me on an excellent adventure – but without Bill or Ted – more like the haunted mansion ride, except all the ghosts and spooks are systems or cameras left wide open on the internet. Did you know you could telnet into hydrogen fuel cells? Neither did I!
Dan Tentler: You know that guy that gets paid to be the bad guy? That's Dan. He's got a mixed bag of previous experiences. Ask him about it over some scotch!
Sponsors
OWASP October Monthly Meeting (Note date change)