[CRTech] Christian Radio Tech [MSG 79173]
[Thread Prev] [-- Thread Index --] [Thread Next] [Date Prev] [-- Date Index --] [Date Next]
Re: hacking continued
To: CRTech <crtech@crtech.org>
Subject: Re: hacking continued
From: Sherrod Munday <smunday@ieee.org>
Date: Tue, 14 Mar 2017 12:51:07 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ieee-org.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; bh=5nq4V6vfHPgLNw2sY38Khk5jf6qGxR9UPcqFiWuSnB4=; b=JTF/Q7aMk98QW/GET9SnwGQmnOPf7UH01dz7rP7BUoGeP7eajYh79sLL/NIcry7rJf PKy65ik/gdscr+3cqHpE3HZqcgVp2gkY0xq09GX3fs5JiG4rKg+6PI4h5zJraZ8Xaj9U CWFXydFLze9q+24th4D6xYlvGrKyLpDUgAWASiqMbAJtsOv5PIDDhaqle/QezM81yY/o PCcf7Dob7HD8TlHDMglda1k5vLreBGFXx5wRXNwerRGZP9UcEsPu+PP39bDfA6HL2L/c bwfqV0OaBXdMReGxv/Nb6d5ILF94DVzc12l23QT+RkozoFpzcwuKYh1NVCIdkmINPHv+ 027Q==
In-reply-to: <39BDB4B5A083864B9802AFB66985BC0768C955@KSGN-DC.KSGNNET.local>
References: <812f36bb-e2cc-bf85-ba40-df7d81d2e32b@knlr.com> <39BDB4B5A083864B9802AFB66985BC0768C955@KSGN-DC.KSGNNET.local>
On Mar 14, 2017, at 12:29, Jon Foreman <Jon@ksgn.com> wrote:
> Interesting countries of origin...

The Shodan search engine has 'Net crawlers all around the world.  I'm sure there are many more than the few you found hitting your site.

The distributed architecture helps it do its job even if some IP addresses get blocked, and it's more efficient to poll devices when you're geographically close to them.

Technically, the Shodan site is extremely useful and quite interesting in its conceptual theory of operation.  It obviously can be used for nefarious purposes, but it has perfectly good uses, too; it's just a tool.  The major benefit of it is that it takes in all the distributed searches and aggregates them together for an easy-to-use single-site search engine, just like Google does.

And before anybody gets all up in a tizzy about "This sort of search engine should be restricted and not available to the public!!" ideas, recognize that this stuff is child's play for a hacker.  Shodan just makes it easier and faster, and it anonymizes the actual scans (or does the dirty work behind the scenes) so that a hacker doesn't have to scan a remote target from his own IP address.

—
Sherrod Munday
<smunday@ieee.org>

Follow-Ups: Re: hacking continued
(Matthew Chambers <mchambers@showmeham.info>, 14 Mar 2017 17:01:08 -0000)
References: hacking continued
(Terry Cowan <tcowan@knlr.com>, 14 Mar 2017 15:43:11 -0000)
RE: hacking continued
(Jon Foreman <Jon@ksgn.com>, 14 Mar 2017 16:30:01 -0000)
Prev by date: RE: hacking continued
(Jon Foreman, 14 Mar 2017 16:30:01 -0000)
Next by date: Re: hacking continued
(Matthew Chambers, 14 Mar 2017 17:01:08 -0000)
Prev by thread: RE: hacking continued
(Jon Foreman, 14 Mar 2017 16:30:01 -0000)
Next by thread: Re: hacking continued
(Matthew Chambers, 14 Mar 2017 17:01:08 -0000)
CRTech.org