Watching the Watchers -- Detecting WebCams with Nessus
Nessus plugin #33523 "Network Camera Detection" will alert if it encounters a web page that belongs to a WebCam.
Typically, these web pages are not password protected and on ports other than port 80. If it is not password protected and not behind a firewall, it may be allowing unauthorized users from your organization, or even users from the Internet to view and/or listen to activity and conversations in the viewing area of the cameras.
Below is an example screen shot of this plugin being active during a Nessus scan.
The plugin does not require credentials, but is dependent on having its scan target the web server port if it is running on something non-standard, such as 8000.
The plugin is currently available to Direct Feed users.
Cybersecurity News You Can Use
Enter your email and never miss timely alerts and security guidance from the experts at Tenable.