Wile I am certain that the majority of this membership knows what Shodan is and represents, honestly, they represent something slightly more than an automated port scanner, reporting back on some of the more common open ports (HTTP, SNMP, telnet, etc.) that appear to be "pingable" throughout the Internet.
In a recent email sent by (kudos once again goes to...) KF on recent postings on the "pastebin.com" web site by yet-another-hacker group calling themselves "#ntisec", posted web site URLs of what appears to be embedded devices.
It should be interesting to note what these devices they (#ntisec) are providing represent: building automation controls. Yes, another form of "SCADA".
There are some smart meters from several known manufacturers sprinkled into the mix, but overall many of the devices' URLs look like they may be HVAC or environmental controls.
Without knowing more, or going into further investigation about these devices, the question is whether the URLs being provided are simply "informational only", or do in fact, provide C&C functions to environmental controls of their designated owners.
One thing that appears to be a common factor is that majority of the URLs provided are utilizing the "Niagra AX" framework (http://www.niagaraax.com/cs/products/niagara_framework), which is owned and operated by "Tridium".
This appears to be a software development framework utilized for embedded or "smart" devices.
According to Tridium's main web page of their web site, they have *almost* 300,000 embedded devices utilizing their "Niagra" software (http://www.tridium.com).
Shown below are the URLs specific to this recent rash of recently discovered embedded device URLs:
- http://pastebin.com/AtedM7Lj (dated 21-Jan-2012)
- http://pastebin.com/P5mTphKw (dated 21-Jan-2012)
- http://pastebin.com/AZq3veGM (dated 18-Jan-2012)
Though not directly related to this discussion, this URL was mentioned in the third "pastebin.com" URL, and compliments activity in trying to understand environmental control systems:
Cross-posted from the SCADASEC Mailing List