Is it possible to Block IoT scanners like Shodan, Censys, Shadowserver


irigsoft

All web crawlers (scanners) show everyone information about the vulnerabilities of your server. I think this should be taken into account and blocked or controlled.

That's why I'm raising a new topic on the security of our servers.

If someone has managed to block them (in IIS, Apache, or the uniGUI application itself) and wants to help.

 

Can we apply methods from this topic to block these scanners?

https://community.checkpoint.com/t5/Management/HowTo-Block-IoT-scanners-like-Shodan-Censys-Shadowserver-PAN/td-p/124612

 

Censys: https://developerinsider.co/censys-find-and-analyze-any-server-and-device-on-the-internet/

Shodan: https://blog.checkpoint.com/2016/01/04/check-point-threat-alert-shodan/

Shadowserver: https://www.shadowserver.org/news/the-scannings-will-continue-until-the-internet-improves/

 

List of scanners: https://udger.com/resources/ua-list/crawlers

Why I want to stop scanners: https://www.hackerfactor.com/blog/index.php?/archives/840-Why-I-want-to-block-internet-scanners.html


@Sherzod,

Where is "top of your access control" in our uniGUI app?

I test Censys on my server and it returns a lot of information about my headers, HTML document and so on.

Where can I write code to block this scanner (hide information) when it intercepts a sent GET request from the scanner to my server?

Is UniGUIServerModuleHTTPCommand "top of your access control"?

 

If I use this UniGUIServerModuleHTTPCommand code in the first place, why does the response from the uniGUI server have so much returned information?

Is it possible to clear all response info?


IF BlockedIPList.Count > 0 then begin
  if BlockedIPList.IndexOf (ARequestInfo.RemoteIP) > -1 then begin
    AResponseInfo.ContentText := '<h1>Blocked IP</h1>';
    Handled := True;
    AResponseInfo.CloseSession;
    GOTO ENDALL;
  end;
end;


4 hours ago, Wilton Ergon said:

How did you add all this list? I tried to play this list of IPs, and it only allowed me to add 4653 lines,
and your list has 14870 lines.

Yes, but I don't use BlockedIPList.

I created my own TStringList and load it from a file.

In OnServerModule.HtmlCommand I then check if the remote IP is in the list and close the session.

That is how it works for me.
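
The per-request check described in the post above, as an added example that is not part of the original thread or of uniGUI: it parses blocklist lines into IPv4 networks and tests a remote address against them, and it goes beyond the post by also accepting CIDR ranges, which a plain string lookup would miss. The names `TNet`, `TryIPv4`, `TryParseEntry` and `IsBlocked` are hypothetical, the sample entries are constructed from documentation address ranges, and Delphi XE7 or later is assumed.

```delphi
program ScannerBlocklistDemo; // added example; every name below is hypothetical
{$APPTYPE CONSOLE}
uses System.SysUtils;
type TNet = record Base, Mask: Cardinal; end;
// Dotted-quad IPv4 -> 32-bit value; False on malformed input.
function TryIPv4(const S: string; out A: Cardinal): Boolean;
var P: TArray<string>; I, N: Integer;
begin
  A := 0;
  P := S.Split(['.']);
  if Length(P) <> 4 then Exit(False);
  for I := 0 to 3 do
    if TryStrToInt(P[I], N) and (N >= 0) and (N <= 255) then
      A := (A shl 8) or Cardinal(N)
    else Exit(False);
  Result := True;
end;
// Accepts "a.b.c.d" or "a.b.c.d/len"; text after '#' is a comment.
function TryParseEntry(S: string; out Net: TNet): Boolean;
var Slash, Len: Integer;
begin
  S := Trim(Copy(S, 1, Pos('#', S + '#') - 1));
  Len := 32; // a bare address is a /32
  Slash := Pos('/', S);
  if Slash > 0 then begin
    if not TryStrToInt(Copy(S, Slash + 1, MaxInt), Len) or (Len < 0) or (Len > 32) then Exit(False);
    S := Copy(S, 1, Slash - 1);
  end;
  if not TryIPv4(S, Net.Base) then Exit(False);
  if Len = 0 then Net.Mask := 0 else Net.Mask := Cardinal($FFFFFFFF) shl (32 - Len);
  Net.Base := Net.Base and Net.Mask; // ignore host bits written in the entry
  Result := True;
end;
// True when RemoteIP (ARequestInfo.RemoteIP in the handler) is inside any entry.
function IsBlocked(const Nets: TArray<TNet>; const RemoteIP: string): Boolean;
var A: Cardinal; Net: TNet;
begin
  Result := False;
  if TryIPv4(RemoteIP, A) then // non-IPv4 peers are never matched here
    for Net in Nets do
      if (A and Net.Mask) = Net.Base then Exit(True);
end;
const Sample: array[0..2] of string = // constructed entries, documentation ranges
  ('192.0.2.10', '198.51.100.0/24 # range', 'not-an-ip');
var Nets: TArray<TNet>; S: string; Net: TNet;
begin
  for S in Sample do // in the server these lines come from the blocklist file
    if TryParseEntry(S, Net) then Nets := Nets + [Net];
  Writeln(IsBlocked(Nets, '198.51.100.77'), ' ', IsBlocked(Nets, '192.0.2.11'));
end.
```

Parse the list once at server start and only read `Nets` afterwards, so request threads never see it change.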



 
