You know how easy it is to know information about your company and on your network system? Shodan is a search engine that works similarly to any other except that instead of entering someone's name or a keyword, you type IP addresses and other dispositivos IoT.

What is Shodan and why should find him right now?

As we have seen, this is a search engine something special. It works by looking for concepts related to computing devices, which are being sought and which, quite easily obtained information.

Do you have an IP router ?, own ?, a special device on your network ?, a data packet? Look for them in Shodan and realize everything can be knowing about you, your network and your business.

Shodan search engine

Depending on your level of privacy you are getting some or other data related to your search. These ports can be used, the data packets sent and received, technologies used, vulnerabilities, including the time you have been disconnected from the server due to inactivity ...

If you appear in Shodan to find some of your devices have a problem because that means security levels, your system and your network are minimal, because this engine is simple, quiet, discovering your information and your movements, which may be severely compromised.

Net Cloud Engineering en Shodan

We put an example for you to understand better How it works Shodan. We have introduced our own IP. In this case, we know, but we need you to be aware that knowing this information about any enterprise system is not difficult, anyone can have software, free to do so.

Shodan only thing that brings us back:

  • General data. We find ourselves face to face with the city where our server IP, the internet service provider, our date last updated, the name of our host and our ASN is.
  • web technologies used. We see easily, how Shodan tells us that we use jQuery, MySQL, PH, Bootstrap, Yoast SEO, WooCommerce, reCAPTCHA…
  • our server ports open. We are shown, one by one, the 11 ports we have open.
  • Protocols and services used. We see perfectly, port to port, using FTP protocols, tcp, udp, dns and http plasma, with their corresponding supported extensions, whether or not the login is not anonymous, if the system is or is not private, commands recognized in the site, errors of each service that the server has received ...
  • We can also see the certificate use, including its version, the expiration date, signature algorithms, key identifiers of authority, certification policies strictly speaking, the method of access to information of authority ... This, again, in each of the available ports.

You see, there is much information of our networks available to everyone, and that we are a cybersecurity company; Imagine what you can discover about you, your system and your Business a cybercriminal if your security level is not adequate. Dare to find you and tell us what you found! Do you think your information is safe?