Posted in

Live Network Monitoring

Image: Shodan.io Dashboard

Shodan is one of my favorite platforms to date. It is a powerful platform that allows for you to find open ports and vulnerabilities. It will also list the CVE so that you can go and research it and how to patch it as well. You can add either a public IP address or even a domain as well. It will list all vulnerabilities and open ports whether you use the IP address or the domain.

I had entered both into shodan to see what kind of report would come up. My public IP address did not yield any CVE reports or potential vulnerabilities. It did show the ports I had open at the time. Depending on what services you run on your server is what ports you will have open. At the time, I had ports 80, 443, and 8096 exposed to the internet. When I had xfinity internet, their gateway had a built in IPS. The port that caused my IPS to trip almost non stop was 8096. I was running my media server on that port.

The biggest surprise was when I entered my domain, hbtechsolutions.com, into shodan. I never saw so many CVE vulnerabilities pop up in a single report. At the time I did this, my domain was hosted by go daddy. This was before I went down the self hosting route. You would think with a platform as big as them, they would have spent some money on securing their platform.

Since I did this report, I had did some remediation. I decided to move my domain off of go daddy and use cloudflare. Not only did I save a lot of money on operating costs, it opened up more options for me to secure my stuff. I ended up getting better home internet and it helped using my wireguard VPN. You have to open 80 and 443 for that service and for the proxy manager I use as well. I didn’t have to expose 8096 anymore because I was able to use subdomains to access services outside of my home.

Leave a Reply

Your email address will not be published. Required fields are marked *