SHODAN related infosec assortment

wiki defcon 2

The other Defcon

I never attended DEFCON, though it remains a dream I hope to realize one day, soon. It may soon become too logistically awkward due to increasing numbers of attendees.

Shodan is a remarkable search engine. Traditional search engines use “spiders” to crawl websites. Shodan culls data from ports. It was created by John Matherly in 2007. He continues to develop it.

Shodan is helpful for locating web server vulnerabilities. It is available as a free service, for up to 50 searches. Query syntax includes searches by country, host name, operating system and port. Shodan can search for software AND hardware. It has been acknowledged by mainstream media. The most prominent coverage was in early June, via The Washington Post, when Stuxnet received so much press attention.

Me and Shodan

Next is my Scribd infosec collection. It isn’t exclusively Shodan-related. This is why. I first noticed that Michael Schearer wrote excellent PowerPoint presentations, and kindly posted them on Scribd. I was curious, searched for more. This led me to Shodan HQ.

Shodan is NOT an acronym for Sentient Hyper Optimized Data Access Network. John Matherly kindly confirmed this, in response to my recent inquiry.

Human knowledge belongs to the world, after all, and information ALWAYS wants to be free.

I wrote an information security and data privacy post, on my Tumblr blog. The (inline) PDF document from hal.inria.fr is the highlight. Along the way, I learned about quines! They are a cute construct, like palindromes, or self-replication, or polyglot programs; fun, maybe useful.

There was a somewhat satisfactory resolution to the ongoing matter of what I think of as Bobby Table’s Google-compromised web malware repository. The Web Malware Collection Project is:

A collection of web application back doors and malware, in PHP, JSP, ASP, etc.

Attendee ID for DEFCON

DEFCON 13 badge

Let’s conclude with a video, Hackers vs. Disasters Large and Small. The venue was DEFCON 13. Introductory remarks were by Michael Schearer, which is where this all began. Be forewarned, duration is 1 hour, 45 minutes:

Most often we’re “on the grid” and close to our precious electronics and high-speed internet. What would happen if you find yourself stranded in the middle of nowhere or in the midst of a natural disaster? This presentation will show you that your hacker ingenuity can help you survive the worst.

About these ads
Published in: on June 13, 2012 at 9:24 pm  Comments (2)  
Tags: , ,

The URI to TrackBack this entry is: http://myindigolives.wordpress.com/2012/06/13/shodan-related-infosec-assortment/trackback/

RSS feed for comments on this post.

2 CommentsLeave a comment

  1. I am *not* a contributor to http://code.google.com/p/skipfish/people/list or http://code.google.com/p/ratproxy/people/list but I wrote and delivered a tutorial on skipfish in the Netherlands and Sydney i.e. http://www.slideshare.net/cmlh/skipfish

    • Okay! Thank you for correcting that. I will edit this and delete as necessary.


Comments welcomed! Less enthusiastic about spam.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 45 other followers

%d bloggers like this: