Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

HowTo: Block IoT scanners like Shodan, Censys, Shadowserver, PAN Expanse etc.

Protect your environment against all those internet IoT port scanners / web crawlers that scan your network devices to collect all kind of data. Simply create a drop rule and put it on the beginning of your security policy. Create a network group for each of these scanners and fill it with the data listed below.

Supported scanners:

Sample rule:

image.png

Group contents:

  • Shodan --> create domain objects with FQDN enabled!
    • .census1.shodan.io
    • .census2.shodan.io
    • .census3.shodan.io
    • .census4.shodan.io
    • .census5.shodan.io
    • .census6.shodan.io
    • .census7.shodan.io
    • .census8.shodan.io
    • .census9.shodan.io
    • .census10.shodan.io
    • .census11.shodan.io
    • .census12.shodan.io
    • .atlantic.census.shodan.io
    • .pacific.census.shodan.io
    • .rim.census.shodan.io
    • .m247.ro.shodan.io
    • .pirate.census.shodan.io
    • .ninja.census.shodan.io
    • .border.census.shodan.io
    • .burger.census.shodan.io
...
TO READ THE FULL POST it's simple and free