Zscaler tool can find unprotected embedded web servers


ID: IRCNE2012031424
Date: 2012-03-06

According to ZDNet, security firm Zscaler has released a tool capable of scanning networks to find embedded web servers that may be publicly accessible without any protections.
The web-based tool, called brEWS (Basic Request Embedded Web Server Scanner), can scan IP ranges to find things like multi-function printers and photocopiers, VoIP devices and video-conferencing systems that are currently available over the internet.
Malicious hackers are already using the Shodan computer search engine to find Internet-facing SCADA systems that use insecure mechanisms for authentication and authorization, and Zscaler’s Michael Sutton warns that thousands of embedded systems are currently online without the necessary protections.
According to a report by The H Security, Sutton delivered a presentation at the RSA Conference on this issue:
The scan managed to examine the targeted one million web servers in a short time and came up with the following results: many thousands of multi-function devices, 8,000 Cisco IOS devices and almost 10,000 VoIP systems and phones didn’t require any log-in authentication. These devices include packet tapping features and PCAP tracing by default.
The majority of the detected devices were not protected by passwords, Sutton said. This means that any web user can access their web interfaces through a browser and view the documents that are stored on such photocopiers and printers, forward incoming faxes to an external number, or record scan jobs.
Sutton’s scan also discovered more than 9,000 video conferencing systems by Polycom and Tandberg (now Cisco).
