Shodan is a search engine for the Internet of Things that allows anyone to find, search and potentially exploit any internet-connected device in their vicinity. It indexes devices that are not websites, such as water treatment facilities and printers, and collects metadata from various protocols, such as RTSP (port 554), SIP (port 5060), SMTP (port 25), SNMP (port 161), Telnet (port 23), IMAP (port 993), SIP (port 5060), SSH (port 22), FTP (port 21), and HTTPS/HTTP web servers (port 8443, 443, 8080, 80). This metadata includes the country or location of the device, the service it provides, the software and version running on it, its IP address, and its name. Shodan is legal as it only finds and displays information that is already available on the internet. It can be used to find and hack devices, but users can protect themselves by changing default usernames and passwords, disabling remote management options, turning off port forwarding, not connecting devices to the internet, and updating all IoT devices.
To mitigate these potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website
Source: Securitygladiators