Comprehensive Data Collection
Shodan extensively scans the internet, collecting data from a wide range of devices and services, which provides users with a thorough overview of their network exposure.
Security Awareness
It helps organizations identify and address security vulnerabilities by revealing exposed devices and services that might otherwise go unnoticed.
Automation Capabilities
The platform offers an API that allows users to automate searches and integrate Shodan data into their own tools and workflows.
Detailed Search Filters
Shodan provides advanced search filters that allow users to narrow down results based on specific criteria such as geographic location, device type, or operating system.
Real-Time Monitoring
Users can set up real-time alerts to monitor for new exposures, ensuring timely response to potential threats.
Shodan can be a valuable tool when used appropriately. It is particularly beneficial for cybersecurity experts seeking to analyze and secure networked devices. However, it can also be used for malicious purposes if accessed by individuals with harmful intent. Therefore, ethical considerations and legal compliance must guide its use.
We have collected here some useful links to help you find out if Shodan is good.
Check the traffic stats of Shodan on SimilarWeb. The key metrics to look for are: monthly visits, average visit duration, pages per visit, and traffic by country. Moreover, check the traffic sources. For example, "Direct" traffic is a good sign.
Check the "Domain Rating" of Shodan on Ahrefs. The domain rating is a measure of the strength of a website's backlink profile on a scale from 0 to 100. It shows the strength of Shodan's backlink profile compared to the other websites. In most cases a domain rating of 60+ is considered good and 70+ is considered very good.
Check the "Domain Authority" of Shodan on MOZ. A website's domain authority (DA) is a search engine ranking score that predicts how well a website will rank on search engine result pages (SERPs). It is based on a 100-point logarithmic scale, with higher scores corresponding to a greater likelihood of ranking. This is another useful metric to check if a website is good.
The latest comments about Shodan on Reddit. This can help you find out how popular the product is and what people think about it.
Transform OSINT sources such as shodan, bgpview & urlscan into templates which you can use to query & store any and each of the API endpoints they provide. Source: almost 2 years ago
I'm a little surprised you're asking this but as you don't know - if you set the rulebase correctly, you won't get hammered by "public". A lot of people (of course not people here) don't do that which is why shodan.io is full of servers with SSH exposed to the world. Source: almost 2 years ago
Eh, request a full demo before signing anything. If they make you buy before you can try, move on. Just be advised that data they collect from your site may be used in a database that puts a target on your back. Similar to how shodan.io works. I would probe them on how they handle customer data and if data is shared, partitioned, or isolated to ensure safety from a platform leak. They want to be a security... Source: almost 2 years ago
My network is being hit by China and Russia many times per hour. Make sure your firewall is up-to-date and do not have any services available on the Internet (WAN). Look at shodan.io which shows you _everything_ is searched on the Internet. Source: almost 2 years ago
In the cases of nginx or apache, I suspect they may be acting as proxies to some backend that also chooses not to send a reason phrase back. Searching for "Reason Phrase" yields a number of bug reports/frameworks that may omit it, and shodan.io shows apache tomcat and a few other services/software that omit the code as well. Source: almost 2 years ago
If you really want to shake your nerves, search for accidental wide open heimdall installs on shodan.io. Source: about 2 years ago
Shodan.io is part of our toolkit, works well. Source: about 2 years ago
This is not security. There are other Internet-wide scanners out there (Shodan is a great example). Source: about 2 years ago
Snake oil security like changing ports for ssh does absolutely nothing in practice, as services like shodan.io exist. Using SSH-Key only increases your security if you use weak passwords and makes it easier to avoid misconfiguration of your server. But if you're using a strong password it's basically the same. Source: about 2 years ago
I get scanned all the time by bots like everyone else. 99.9% of it is just noise. You could also just search for your public IP on shodan.io to see if it shows up. Mine doesn't, I check every once in a while. Source: about 2 years ago
When it comes to random connections on a public facing server? It's not too bad; I think the worst I had was about a year ago; almost 80-90k requests in a day but I was on shodan.io with a honeypot at that point. Source: about 2 years ago
The Axis of Evil including China has taken over Google Home as black hat hackers have implemented APTS in devices they detect online when using shodan.io. Rampant vulnerabilities are beginning to show the tips of their icebergs. When performing a Wireshark, you can see the action live on the wire. Source: about 2 years ago
There are several sites that can give you useful information for this. For example, databases like Shodan and Censys, or tools like CloudFlair and CloudPeler, might show some of their internals. Not all targets will appear there, and many won't have any useful entries, but some might have their data exposed. - Source: dev.to / about 2 years ago
Your second method is not secure. Your domain might be obscure, but the IP address of the server is not, so it doesn't matter. Websites such as https://shodan.io exist, if you fancy finding some OctoPrint instances exposed to the internet. If people don't add extra security their webcams are exposed to the world without even OctoPrint's login, so just don't do it. Source: about 2 years ago
I back this recommendation. If for any reason you need to keep 443 open, I advise that you install an intrusion detection system such as Crowdsec in addition. Also, give a look at shodan.io for your ip and check for the detected vulnerabilities. Source: about 2 years ago
I've heard of people going to shodan.io and sending warnings just like this. Source: over 2 years ago
The easiest way of determining what you are exposing, short of an online portscan, is probably entering your IP address into shodan.io. Source: over 2 years ago
Not sure how many ppl that would ddos would use the minecraft ping system for that XD but yeah honestly this is kinda normal I get this all the time; it only gets worse the more players you have. Or if you're put into a list like ones on shodan.io. Source: over 2 years ago
You can! Also detect if it's a public IP and use Shodan.io to display "offline" port-scans which is a cool idea. I played around with this for RustScan, something like "hey user, shodan.io scanned this server 2 days ago. Do you want to see what ports they reported were open without scanning?". Source: over 2 years ago
Nmap, zenmap (gui), and angryIP are my GoTos for internal networks. If you want external networks - shodan.io is good. Source: over 2 years ago
Everything the others have said + also use https://securityheaders.com/ & shodan.io if you haven't already to see if there is anything obvious. Source: over 2 years ago
Is Shodan good? This is an informative page that will help you find out. Moreover, you can review and discuss Shodan here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouraged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.