Free tools to check your vulnerability exposure

I often write about the failure of various device makers to properly secure their smart home gadgets, or worse, router makers to properly protect your home network from prying eyes. Keeping track of security issues that may impact you is a necessary overhead of putting your home online.

Sure, some devices operate locally and don’t really present an internet exposure risk in and of themselves, but many devices phone home to the device maker’s servers to provide smart functionality, or simply to provide smartphone access from wherever you are. The security of these services is what is really in question, and it is potentially difficult to assess as an end user. Thankfully, there are some good free tools available to make self-testing the security of your connection a lot easier.

A common way of searching for vulnerable devices is to use the ‘search engine for the internet of things’, Shodan. Shodan scours the Internet address space searching for, well, anything it can find. This is similar to Google looking for web pages to index among the trillions of pages out there, but Shodan is looking for open ports and known vulnerabilities.

You could go and use Shodan directly to search for your own IP address, but what about the other addresses you may have been assigned by your ISP (if you’re on a dynamically assigned address, as most people are)? Worse yet, do you really want to keep track of the various known issues out there and check for all of those? If not, IT security firm BullGuard has you covered. BullGuard has set up a web-based vulnerability scanner called, unsurprisingly, IoTScanner. This page offers two scanning modes that check Shodan for you automatically.

 BullGuard IoTScanner


The first mode is to check if you are listed in Shodan’s search results on your current IP address. It’s just a button click. Once done, you then get the second option of doing a Deep Scan to search for known vulnerabilities. This is the real value of the service as it takes all the hard work of keeping track of these things off your hands. BullGuard do note, however, that if you use it and find anything, Shodan is going to index those devices (if it hasn’t already). Still, better to know so you can fix it before someone else finds it.

This second stage can take some time, depending on your connection speed and time of day. Helpfully, the scanner detects this and offers to email you the results when it’s done.  Generally though, it’s a quick and easy check to highlight any specific issues you should be taking action on. 

A second tool that has been around for a while, and offers great value, is ShieldsUp!. This free tool is offered by Gibson Research Corporation (GRC) and similarly checks for any open ports on your IP Address. You can elect to scan for common ports, specific issues, or just do everything. At the end you’ll be given a detailed report of what was found and explanations as to what it means.


There’s also an optional UPnP exposure test thrown in there as well, which is good to know as UPnP has become increasingly ubiquitous on home routers. It’s required for a number of things to function correctly without you having to worry about manually mapping ports on your router, but it should never be exposed to the internet as it then allows any random attacker to map their own ports through to your internal network. Unfortunately, some routers’ firmware is bad enough to do just that.

Between these two tools, you can be reasonably assured that you are not putting anything out there that shouldn’t be, and that your router’s firewall is working properly. Obviously this is not going to cover any potential personal data leakage via a third party server that your devices may be using, but at least your own data will remain secure.