Unsettling stuff for a Saturday morning; in two attempts I was connected to the login pages of two types of systems I use and administer regularly.
I'm aware that this is indicative of bad security practices and not some vulnerability in those systems, but that didn't make it any more comfortable to see their familiar UI elements exposed in all their nakedness.
In fairness, some of the better designed servers redirect to a domain. For example, one of the IPs I stumbled upon redirected to this weird portal (where the links point to the parent domain).
Neat idea, but I get mostly certificate errors, bare Apache errors, timeouts, basic auth prompts, etc. Some kind of filter might make it more interesting.
I agree completely that further filtering would improve the site a lot. That kind of filtering would require a lot more than a basic port scanner. I'll probably do it someday.
It's also really fun to find web servers on nonstandard ports, but I worry about the site then being abused to find compromised servers.
I'll start working on one now. edit: Done. It'll take a while, but soon the database will be pruned. It will remove 404s and sites that don't respond in 0.25 seconds. edit2: It will remove status 500 as well. Let me know if there are any other broad groups that should be pruned. edit3: Pruning 400 now too.