39 comments

[ 2.6 ms ] story [ 82.6 ms ] thread
Browsing those are fun. I wonder what that is http://i.imgur.com/c796ANj.jpg
It's a grain elevator.
First guess is a grain dryer
Those are not cheap pieces of equipment to run and I hope like hell it is not remote controllable. You can make or break an elevator operation by how you deal with moisture.
I was surprised I did not see porn.
>> I found 3567 servers that were unprotected.

That's pretty low for scanning the whole internet. Either VNC isn't used that much or I was simply expecting 10 times as many servers.

Unprotected VNC servers != all VNC servers, or even weak VNC servers. You could probably brute force into a lot more, but that's definitely illegal.
I run an unprotected VNC server at home, but its not open to the world because I'm using a router that doesn't expose local ports, like most people.
Sooooo many of these look so disturbingly like industrial process control... and this is on the HN front page... I think some people are gonna have a bad day.
We had a major thread about something similar a few weeks ago: https://news.ycombinator.com/item?id=11367666. Is this story significantly different?
This site is actually up (unlike the roulette one) and seems to also show IPs (I don't think the previous one showed IPs).
(comment deleted)
Geezus he included the hostnames and IPs? This is so insanely irresponsible.
I'd argue it's responsible. Security through obscurity is no security at all.
Avoiding security through obscurity is a topic for people in the crypto industry. Random people with misconfigured VNC servers most likely aren't computer experts, and revealing their addresses is pointless and irresponsible. Yes, maybe making this information public will cause them to fix their configuration. More likely, they will just be attacked.
After disabling an adblock have several new tabs with mackeeper site opened =(

Turned adblock on again

Yeah I saw the "please disabled adblocker message" with a cute cat. I then thought about what the site was doing and I decided to keep it on and close out the site instead.
Not every ad network accepts my website. If you think my project is cool, please donate by using bitcoin or PayPal. Link is on the homepage.

Your support (with or without donation) is greatly appreciated!

This is terrifying.

So many live systems, from CNC lathes through den feeders and boiler controllers to entire city water treatment facilities..

i think it is obligatory to mention that Intel CPUs (which have vPro enabled, ie. Xeons and some others) have VNC server built-in on the chip.
I'm interested to see that they only found 3567 open servers, whereas a scan I have from a couple years ago shows 7573 entries.

Now is it just a difference in scanned ports or a genuine improvement in security, I can't tell, but I can only hope.

Their numbers are too low. Shodan has found closer to 12,000 servers that have disabled authentication.