Hello there,
Thanks so much for the new version of the App as it now takes into account multiple ports ! (and thanks also for your other Apps and blog posts by the way!)
There is just one little thing that does not work for me (or that I do not understand correctly).
It seems that I can get port 443 listed as result for any tested IP that has 443 open.
For instance,
If I query IP 151.80.25.159 on Shodan website, I would get ports 22, 80 & 443:
But when querying the same IP from Splunk I only got ports 22 & 80, not 443.
Any hint ?
Hi @D2SI, Just make sure you had opened port 443 in your system...
For windows https://www.tomshardware.com/news/how-to-open-firewall-ports-in-windows-10,36451.html
For Linus https://www.cyberciti.biz/faq/howto-rhel-linux-open-port-using-iptables/
restart your splunk and then try again..if you still face same issue then go for paid API.
Hi @D2SI, do you happen to be using a free Shodan API key? It appears when testing this using a free API key no 443 ports show, but when using a paid API key 443 does show up.
Yes exact, free Shodan API Key for now unfortunately.
Yes, I have edited the post with screenshots to illustrate that!
That would be great, yes!
Additionally, Shodan actually says "the free API key doesn’t have access to HTTPS or Telnet results. I believe that if you do a direct IP lookup (instead of a search request) then you will be able to see the HTTPS/ Telnet information even with a free API key.", but the custom command in the app does not support this. This is definitely something that we can look into adding into the app.