The security of IoT devices is the problem the world is sure to face in the coming years. To make it easy for everyone to scan their network if IoT devices for possible vulnerabilities, a UK-based security firm BullGuard launched a very useful tool.
This tool is called the Internet of Things Scanner. It was launched in early June 2016, the time everybody knew that insecure IoT devices are dangerous. And now we are aware of the fact that they are so dangerous and can even bring down a large part of the Internet.
The way this tool works is simple, it takes the visitor’s IP address and then search it on Shoden which is a search engine to discover Internet-connected devices.
The IoT Scanner will tell you if your IP is reachable via Shodan, which despite being a tool used by many security researchers, is also abused by hackers to discover possible targets and plan future attacks.
The tool does nothing more than to automate a Shodan search for an IP address, listing the results as a list of ports exposed to the Internet.
The simplest way to protect IoT equipment, in this case, is to block port forwarding on local LAN routers or to place IoT devices behind a firewall.
Unfortunately, device owners that lacked the technical skills to configure their IoT device will probably have no idea what to do to remediate IoT Scanner results, and a specialist’s help will probably be needed.
Nevertheless, the IoT Scanner can help users discover if their local home network is exposing ports to the Internet, which can be used by attackers as a gateway for future attacks.
The tool also has its limitations. For example, users will need to be able to run a browser on their IoT device, in order to access the scanner’s URL. This means users can’t test IP cameras, baby monitors, and others. Users may be able to test some smart fridges, which come with a built-in browser to access Internet sites, but this feature is not included in all smart fridges or IoT products, which generally feature simplistic interfaces due to storage and memory limitations.
Source: softpedia