Looking at North Korea’s IP Space with Shodan

Shodan North Korea 1

With all the news about North Korea’s online capabilities being shutdown I figured I would take a quick look at their IP space with Shodan, the “hacker’s Google”.

First I pulled up North Korea’s main IP space of 175.45.176.0 – 175.45.176.255 and found about 755  returns, 234 being SIP or Voice over IP – basically some sort of voice/video device.

Shodan North Korea 5

But what if we filter the search to just look for regular servers?

Shodan North Korea 3

8 results! You read that right, just eight! Most of them run some sort of CentOS Linux version with Apache. Looking at the rest of their IP space I found the following:

  • net:175.45.177.0/24 server turned up 2 more.
  • net:175.45.178.0/24 server turned up 8.
  • And finally net:175.45.179.0/24 server returned with 2.

So according to these searches with Shodan, N. Korea has around 20 servers active. Not a massive internet presence by any stretch of the imagination.

~ by D. Dieterle on December 23, 2014.

2 Responses to “Looking at North Korea’s IP Space with Shodan”

  1. This obviously doesn’t take into account the servers that are routinely shut down because there is no electricity available to run them.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: