Educause Security Discussion mailing list archives

Re: Shodan value

From: Andre DiMino <adimino () GWU EDU>
Date: Thu, 20 Jul 2017 11:53:08 -0400

We block Shodan as we prefer not to have any vulnerabilities or
misconfigured hosts be publicly identified.

We perform our own regular external (and internal) scans from
pre-identified IP space.

Andre'

On Thu, Jul 20, 2017 at 10:54 AM, Reyor, William F. <wreyor () fairfield edu>
wrote:

We utilize the DHS NCCIC which provides more visibility then Shodan (full
Nessus scan of all public ranges). And block Shodan.

Thanks,
Bill

On Jul 20, 2017, at 10:49 AM, Ford, Bryan <bryan.ford () NDUS EDU<mailto:br
yan.ford () NDUS EDU>> wrote:

There been some discussion of the value of Shodan and should we block it
or leave it open and monitor it.  I see the value of it and
wanted to know what other are doing with it.

Thanks

Bryan




-- 
Andre' M. DiMino
Principal Security Engineer
The George Washington University
Desk: (202) 994-6114
Cell: (202) 365-0548
adimino () gwu edu

Current thread:

Shodan value Ford, Bryan (Jul 20)
- Re: Shodan value Reyor, William F. (Jul 20)
  - Re: Shodan value Andre DiMino (Jul 20)
    - Re: Shodan value Nicholas Garigliano (Jul 21)
    - Re: Shodan value Andre DiMino (Jul 24)
  - Re: Shodan value Rich Graves (Jul 20)
    - Re: Shodan value Reyor, William F. (Jul 20)
    - Re: Shodan value Valdis Kletnieks (Jul 20)
    - Re: Shodan value Reyor, William F. (Jul 20)
- <Possible follow-ups>
- Re: Shodan value Cameron Dixon (Jul 27)
  - Re: Shodan value Kevin Wilcox (Jul 28)
    - Re: Shodan value Ashley Penchion (Jul 28)
    - Re: Shodan value Dixon, Cameron (Jul 31)

(Thread continues...)