Rebooting the Unsolicited Response Podcast was one of my 2017 goals, and I didn't want it to be one and done. So I recorded a number of episodes before issuing this first one, and you can expect at least one a month. (Episode 2 is with Joel Langill, aka SCADAhacker.)
If you have any suggestions for guests or topics, please send them to firstname.lastname@example.org.
In Episode 1 I interviewed John Matherly, the creator of Shodan, in Kuwait. Lots of good content with the breakdown of highlights and times below.
3:10 What is Shodan?
4:45 John’s background and why he started Shodan
9:10 Adding ICS to Shodan … originally John thought it was too risky
10:45 How fast he can add new ICS protocol support (less than a day)
13:00 Looking to add more support for medical devices
16:00 How customers are using Shodan: external network monitoring is the most common use case … but few ICS-related customers … more ICS vendors
19:30 Does John see Shodan ever scanning an internal network?
21:00 Shodan does legitimate request scanning … a proper handshake
24:45 What does he do when someone doesn’t want Shodan to scan their address space?
27:30 What has been the industry impact of his Internet connected ICS map?
29:20 The number of Internet-connected ICS has only increased since he has been tracking it
32:15 The Omron example
35:00 What else are you going to do with all this data, the real value of Shodan’s database
38:15 John’s request of the ICS Community
And at the end we get a bit into the weeds about what Shodan can and should do with various ICS protocol examples.