Post · bonfire.cafe

Post

Ruh roh. That feeling when you get the Google "we detected unusual activity from your computer or network" page and wonder if some IoT device on your network got popped...

Anyone know how to scan my network for #Kimwolf? (I don't THINK I have any old Android TVs but it's the big one of the moment I'm aware of...)

#CyberSec #Botnet

Fritz Adalis

@FritzAdalis@infosec.exchange · 4 weeks ago

@tim @catsalad
My go-to is usually nmap. It doesn't show infections and isn't really a vuln scanner but it's hard to beat for getting an inventory of what's connected. If you're not familiar, try e.g.:
nmap -sS -A 192.168.2.1-254

Add -v for more info.

Jérôme Meyer

@jmeyer@infosec.exchange · last month

@tim https://synthient.com/check and https://spur.us/context/me
Not specific to Kimwolf but to residential proxies in general.

https://spur.us/context/me

AMS

@AMS@infosec.exchange · last month

@tim Greynoise has a self check if their honeypot network saw anything. https://check.labs.greynoise.io/

Usually I get that from google when they don't like my adblocker.

Cat 🐈🥗 (D.Burch) :paw:⁠:paw:

@catsalad@infosec.exchange · 4 weeks ago

@AMS @tim Yeah, I've seen that while fiddling with my adblock and NoScript settings.

Almost like the ad company hates adblock, or something.

Tim W RESISTS

@tim@union.place · last month

Or a non-snake-oil "scan my local network" tool in general?

emerssso

@emerssso@union.place · last month

@tim I've used the free tier of Nessus to run scans on my network. Kind of a pain to set up, but it did tag some vulns in some of my IoT stuff that was medium useful.

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.2-alpha.32 no JS en

Federation disabled