Real Time Streaming Protocol (RTSP, port 554)
RISK ASSESSMENT / SECURITY & HACKTIVISM
“Internet of Things” security is hilariously broken and getting worse
Shodan search engine is only the latest reminder of why we need to fix IoT security.
by J.M. Porup (UK) - Jan 23, 2016 5:30pm EET
135
Shodan, a search engine for the Internet of Things (IoT), recently launched a new section that lets users easily browse vulnerable webcams.
The feed includes images of marijuana plantations, back rooms of banks, children, kitchens, living rooms, garages, front gardens, back gardens, ski slopes, swimming pools, colleges and schools, laboratories, and cash register cameras in retail stores, according to Dan Tentler, a security researcher who has spent several years investigating webcam security.
"It's all over the place," he told Ars Technica UK. "Practically everything you can think of."
We did a quick search and turned up some alarming results:
https://www.shodan.io/host/85.61.172.106
A kitchen in Spain.
EXPAND GALLERY TO FULL SIZE
The cameras are vulnerable because they use the Real Time Streaming Protocol (RTSP, port 554) to share video but have no password authentication in place. The image feed is available to paid Shodan members at images.shodan.io. Free Shodan accounts can also search using the filter port:554 has_screenshot:true.
270