We are going to explain what Shodan is and what it can be used for. It is a search engine for Internet-connected devices that can be as useful as it is dangerous, depending on who uses it. It is a kind of Google for servers connected to the Internet, with which you can locate anything from home servers to public webcams or even city traffic lights.
We are not going to dwell on a technical explanation or explain how to use it to find very specific things. We will simply explain what it is so that anyone can understand how it works.
What is Shodan?
Shodan is a search engine, a page used to find things on the Internet. But it is not a search engine for web pages or images like Google or Bing; it is a search engine for systems and services connected to the Internet. What it looks for are machines connected to the network.
Therefore, if you run a search such as the name of a city, Shodan will not show you information related to the name you have typed. Instead, it will show you servers located in that place or using the term you typed, and give you information such as their IP or location.
For a normal user without technical knowledge, Shodan is not very useful, because we may not understand the codes and nomenclatures that it returns in the searches. However, it can become dangerous when a person with technical knowledge uses it, since they can find servers that are vulnerable and hack into them.
In this respect, using Shodan is completely legal, since it is limited to displaying information that is already on the Internet. On the other hand, what is not legal is to access the servers shown in the results, as you may be committing cybercrime offenses.
Shodan will allow you to find any type of device connected to the Internet, from webcams, smart TVs, and home devices to traffic lights, wind turbines, and any other type of infrastructure that uses the network to send data. It is not a finder of vulnerable servers as such; it finds all devices, and some of them may be vulnerable.
What it can be used for
Shodan is a useful search engine for IT security auditors, as it allows them to search the Internet for the servers they are auditing or for other services, and get a lot of information about them that may be useful. They can find the IP, the geolocation, the country to which a found item belongs, or the ports and services it has open.
This is useful precisely in the security field because, if you have the knowledge, you can see to what extent a server is exposed and secure it before some cybercriminal, even using the same tool, can find it and attack you.
But it can also be dangerous when used by cybercriminals, because it allows them to find specific types of devices and their IPs, or to narrow down searches by operating system. This can allow them, for example, to find Windows devices or servers connected to the network and look for possible vulnerabilities to attack them, or simply take the IPs of a service and attack them to try to take them down.
Therefore, we can say that Shodan is a completely neutral tool, but it can have positive or negative uses depending on who uses it. It is worth knowing that this type of search engine exists, and therefore it is always very important to configure the security of the devices we use to connect to the Internet or that we connect to it.
How to use Shodan
Shodan is quite simple to use, and all you have to do is type in a search term. When you do so, you will be shown the results with IP, location, and other technical information for each server. In the left column, you will have several filters that will allow you to find the best results for utilities, organizations, operating systems, and so on.
You can use this search engine for free or create a paid account to get more information, as you must remember that it is oriented to the professional field. If you use it without registering, you will only be able to access the first page of results. To view more pages or search in the images or maps tabs, you will have to register for a paid account.
When you are shown the list of results, all you have to do is click on one of them, and you will access the complete technical information about that server. In some cases, you will even be able to access the page they are pointing to and try to connect to them.
When you enter the tab of one of the items that appeared in the search results, you will see its TCP information and all the open ports. You will also see the country they belong to, the city, the organization name, or the ISP name. There may also be other data, although it all depends on each server.
In addition, Shodan offers a system of search filters to refine the results, such as country:uk to specify that you want to search in the United Kingdom, city:Liverpool to specify the city where you want to find them, or os:windows to specify the operating system. You also have port:XX to search by port number.
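The host details described above (open ports, city, country, organization) are what an auditor compares against what a server is supposed to expose. The following is an added example, not code from Shodan or from this article: it checks one constructed host record against a hypothetical allowlist. The field names are assumed from Shodan's public API, and the IP, organization and allowlist are made up.

```python
import json

# Constructed sample shaped like a Shodan host record. Field names (ip_str,
# org, country_name, city, data[].port/transport/product) are assumed from
# Shodan's public API; the values are made up (203.0.113.0/24 is a doc range).
SAMPLE_HOST = json.loads("""
{
  "ip_str": "203.0.113.10",
  "org": "Example Org",
  "country_name": "United Kingdom",
  "city": "Liverpool",
  "data": [
    {"port": 443,  "transport": "tcp", "product": "nginx"},
    {"port": 3389, "transport": "tcp", "product": "Remote Desktop Protocol"},
    {"port": 161,  "transport": "udp", "product": null}
  ]
}
""")

# Hypothetical allowlist: services each of your own hosts is meant to expose.
EXPECTED = {"203.0.113.10": {("tcp", 80), ("tcp", 443)}}


def audit_host(host, expected):
    """Compare what the record shows as open with what should be open."""
    allowed = expected.get(host["ip_str"], set())
    observed = {}
    for banner in host.get("data", []):
        key = (banner.get("transport", "tcp"), banner["port"])
        observed[key] = banner.get("product") or "unknown"
    return {
        "ip": host["ip_str"],
        "location": f'{host.get("city")}, {host.get("country_name")}',
        "org": host.get("org"),
        # Reachable from the Internet but not on the allowlist: review first.
        "unexpected": sorted((t, p, observed[(t, p)])
                             for (t, p) in observed if (t, p) not in allowed),
        # On the allowlist but absent from the record (closed or not indexed).
        "not_seen": sorted(allowed - set(observed)),
    }


if __name__ == "__main__":
    result = audit_host(SAMPLE_HOST, EXPECTED)
    print(result["ip"], result["org"], result["location"])
    for transport, port, product in result["unexpected"]:
        print(f"  UNEXPECTED {port}/{transport} ({product})")
    for transport, port in result["not_seen"]:
        print(f"  not seen   {port}/{transport}")
```

A host with no allowlist entry has every observed service reported as unexpected, which is the safe default for an asset nobody has documented.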