Watching the Watchers -- Detecting WebCams with Nessus
By Ron Gula
Nessus plugin #33523 "Network Camera Detection" will alert if it encounters a web page that belongs to a WebCam.
Typically, these web pages are not password protected and on ports other than port 80. If it is not password protected and not behind a firewall, it may be allowing unauthorized users from your organization, or even users from the Internet to view and/or listen to activity and conversations in the viewing area of the cameras.
Below is an example screen shot of this plugin being active during a Nessus scan.
The plugin does not require credentials, but is dependent on having its scan target the web server port if it is running on something non-standard, such as 8000.
The plugin is currently available to Direct Feed users.
Tenable One
Request a demo
The world’s leading AI-powered exposure management platform.
Thank You
Thank you for your interest in Tenable One.
A representative will be in touch soon.
Form ID: 7469
Form Name: one-eval
Form Class: c-form form-panel__global-form c-form--mkto js-mkto-no-css js-form-hanging-label c-form--hide-comments
Form Wrapper ID: one-eval-form-wrapper
Confirmation Class: one-eval-confirmform-modal
Simulate Success