Port 443 not returned ?

D2SI · ‎05-16-2019

Hello there,

Thanks so much for the new version of the App as it now takes into account multiple ports ! (and thanks also for your other Apps and blog posts by the way!)

There is just one little thing that does not work for me (or that I do not understand correctly).

It seems that I can get port 443 listed as result for any tested IP that has 443 open.

For instance,

If I query IP 151.80.25.159 on Shodan website, I would get ports 22, 80 & 443:

But when querying the same IP from Splunk I only got ports 22 & 80, not 443.

Any hint ?

vikramyadav · ‎05-17-2019

Hi @D2SI, Just make sure you had opened port 443 in your system...
For windows https://www.tomshardware.com/news/how-to-open-firewall-ports-in-windows-10,36451.html
For Linus https://www.cyberciti.biz/faq/howto-rhel-linux-open-port-using-iptables/
restart your splunk and then try again..if you still face same issue then go for paid API.

hurricanelabs · ‎05-17-2019

Hi @D2SI, do you happen to be using a free Shodan API key? It appears when testing this using a free API key no 443 ports show, but when using a paid API key 443 does show up.

D2SI · ‎05-17-2019

Yes exact, free Shodan API Key for now unfortunately.

Yes, I have edited the post with screenshots to illustrate that!

That would be great, yes!

hurricanelabs · ‎05-17-2019

Additionally, Shodan actually says "the free API key doesn’t have access to HTTPS or Telnet results. I believe that if you do a direct IP lookup (instead of a search request) then you will be able to see the HTTPS/ Telnet information even with a free API key.", but the custom command in the app does not support this. This is definitely something that we can look into adding into the app.

Port 443 not returned ?

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!