Guys, secure your Hubitats

In the free account I just registered you can just type in your own public IP and check what is exposed. Pretty simple.

You can use the free account. You can't kick off on-demand scans with that though. But, once your IP is in the system, they will hit it fairly frequently.

It is. It can also be endless hours of entertainment looking at webcams and things that should definitely not have been exposed to the internet.

It's actually pretty scary how many industrial control platforms are exposed, and using default credentials. There are also radio stations with their broadcast platforms exposed that would allow an attacker to take over the broadcast and play their own audio, if you know how to search for them. Public safety systems also, with control of tornado sirens...

I'm sure some Russian hackers have a button somewhere that they can press and it will just cause complete pandemonium all over the country.


Or use iotscanner.bullguard.com

It'll tell you if your IP is on Shodan. It can then also search for devices that are exposed. Of course, if you do this, they will be listed on Shodan... so fix it.


Thank you, excellent advice!

Staff have mentioned many times on this forum (as have many community members) that port forwarding your Hubitat is a bad idea. So many times that, yes, each one of those words is a different hyperlink that will take you to someone saying so. :slight_smile: Anyone who is doing this anyway should know better than to leave it open if they do, but it's not recommended in any case.

Great advice for you to share as a reminder! Anyone looking to do this should consider a VPN instead (you can host one yourself on something as simple as a Raspberry Pi with PiVPN, or many home routers have such a feature built-in).

Was there ever a time when a port forward was necessary to reach it from the cloud?

I have only the services I expected exposed (with strong passwords). But that site is awesome. It wouldn't take long to guess a default pass.

Brute force wouldn't work as my passwords are long and random via LastPass. But you never know.

If this site was a bit cheaper I'd surely sign up for monitoring of my services. Are there any others?

No. The cloud endpoint has always been there. I suppose Hubitat Dashboard would be the most notable app where that is used (others like the Alexa skill use it in a less visible manner). The cloud link there has been there as long as Dashboard has been around.

It does depend on what "it" means, though--remote administration has never been possible, so you have (and likely always will) need a VPN or similar to do that. Nothing possible today remotely (that has previously existed as a feature) has ever not been possible in the manner in which it is possible today.

Then I just don't understand the need. Well I do, but I don't want to :smile:

Wait. You're saying people have set up public port 80 access for their Hubitat Hub? :exploding_head:

A "crafted" search isn't available with the free API account, but if someone's "shared" it you can view it as well, right?

Is Shodan's documentation the best way to familiarize oneself with creating search queries or would you recommend another source of "learning the ropes"?

Yes it is. Click on explore and look at those for examples.


Maybe someone should write a plugin that just kicks off a scan from one of the free port-scanning services on a regular basis, and then the Hubitat will alert you if it's exposed publicly.

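The check the post above sketches, and the point made later in the thread that anything a scanner reaches from the internet is exposed, can be prototyped without a plugin. The following is an added example, not code from the thread or from Hubitat or Shodan: it takes the JSON that a Shodan host lookup returns for your public IP and reports each exposed service, flagging ports a port-forwarded hub's web UI would typically sit on. The record shape (only the `ports` and `data` fields, with `port`, `transport`, `product`, `http` and `data` per banner), the set of hub UI ports, and the sample record itself (using the documentation address 203.0.113.10) are all assumptions of this example; in a real run you would fetch the host record with your API key and feed it to the same functions.

```python
"""Report exposed services from a Shodan-style host record (added example, not Hubitat/Shodan code)."""
import json
from dataclasses import dataclass

# Ports on which a port-forwarded hub's local web UI is typically reachable.
# Assumption for this example; check what your own router actually forwards.
HUB_UI_PORTS = frozenset({80, 443, 8080, 8443})

# Constructed sample shaped like a Shodan host lookup (field names are an assumption
# of this example). 203.0.113.10 is a documentation address; 32400 is Plex's default port.
SAMPLE_SHODAN_HOST = json.dumps({
    "ip_str": "203.0.113.10",
    "ports": [80, 32400],
    "data": [
        {"port": 80, "transport": "tcp",
         "data": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html><title>Login</title></html>",
         "http": {"title": "Login"}},
        {"port": 32400, "transport": "tcp", "product": "Plex Media Server",
         "data": "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\n\r\n"},
    ],
})


@dataclass
class Finding:
    port: int
    transport: str
    service: str
    likely_hub_ui: bool  # an HTTP service on a port a forwarded hub UI would use


def parse_shodan_host(raw: str) -> dict:
    """Parse a host record and reject anything that lacks the two fields we rely on."""
    doc = json.loads(raw)
    if "ports" not in doc or "data" not in doc:
        raise ValueError("not a host record: missing 'ports' or 'data'")
    return doc


def _looks_like_http(banner: dict) -> bool:
    return "http" in banner or banner.get("data", "").startswith("HTTP/")


def assess_exposure(host: dict, hub_ports=HUB_UI_PORTS) -> list:
    """One Finding per (port, transport) the scanner saw, sorted by port."""
    findings, seen = [], set()
    for banner in host.get("data", []):
        port = int(banner["port"])
        transport = banner.get("transport", "tcp")
        if (port, transport) in seen:
            continue  # Shodan may hold several banners for one service
        seen.add((port, transport))
        if banner.get("product"):
            service = banner["product"]
        elif _looks_like_http(banner):
            service = "http"
        else:
            service = "unknown"
        findings.append(Finding(port, transport, service,
                                likely_hub_ui=port in hub_ports and _looks_like_http(banner)))
    # Ports listed without a banner are still open to the internet; report them too.
    for port in host.get("ports", []):
        if (port, "tcp") not in seen and (port, "udp") not in seen:
            findings.append(Finding(int(port), "tcp", "unknown", port in hub_ports))
    return sorted(findings, key=lambda f: f.port)


def hub_ui_exposed(findings: list) -> bool:
    return any(f.likely_hub_ui for f in findings)


def report(host: dict) -> str:
    """Human-readable summary, the text a hub notification could carry."""
    findings = assess_exposure(host)
    lines = [f"Exposed services on {host.get('ip_str', '?')}:"]
    for f in findings:
        flag = "  <-- looks like a web UI on a hub port; remove the port forward" if f.likely_hub_ui else ""
        lines.append(f"  {f.port}/{f.transport}: {f.service}{flag}")
    if not findings:
        lines.append("  (nothing seen by the scanner)")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(parse_shodan_host(SAMPLE_SHODAN_HOST)))
```

A scan that sees nothing is not proof of safety (the free tier cannot trigger on-demand scans, so the record may be stale), but any port that does appear is reachable from the public internet regardless of what the router's LAN-side settings suggest.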

Well... my Hubitat is secure, but my Plex server is ready to stream movies to those enterprising web scanners that are patient enough to scan up to 5-digit port numbers!

Guess I'll have to disable that!

S.

How did you check?

Fill in your own ip in the search bar. Though then your IP will be listed.

I usually use ShieldsUP! at grc.com. I've been using it for years, but I tried Shodan today as well.

The only thing that popped up was the default Plex port.

S.

What does that do?

It showed this, but I don't have anything there.

Port 80 is my router, but it only allows me to access it when I'm on my LAN.

If you ran a port scanner from the internet (e.g., the website) and 80 and 443 showed up, then they are exposed to the public internet.


I think that means that your router mimics that ports 80 and 443 are closed for business from the WAN. But it is not. My IP: enough people saw it by now :joy:
Only VPN is there.