Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Who Makes the IoT Things Under Attack?
#11
wuench Wrote:BTW Qualys has a good website that will scan your internet access for free 10 times.
Looks like you have to disable snort if you run it or else it just gets blocked straight up.
--Kill all the serial ports--
Reply
#12
Lol yeah. That's how it is with security scanners. Thats the continual argument I have with our security department, they want to scan everything but they want to bypass security controls to do it. Smile

It's a judgement call do you want a realistic view of how vulnerable you are, or do you want a detailed view by disabling things to scan, and then if it does discover something is it really a problem? It sounds to me like snort is doing it's job.
Wuench
My Home Theater/Automation Website

[THREAD=5957]BlueGlass CQC Config[/THREAD]
[THREAD=10624]Wuench's CQC Drivers[/THREAD]
Reply
#13
And more things to worry about:

https://www.reddit.com/r/homeautomation/..._to_china/

Everyone is freaking out about a scientific submarine drone, but ultimately when it finally hits the fan, China is just going to shut down everything we have because it all is connecting back to there.
Dean Roddey
Software Geek Extraordinaire
Reply
#14
I just saw some discussion on Reddit of an article about a cloud enabled washing machine that has some sort of bug that can let someone get root access to the device, so they now have a node inside the walls. I assume that they can then download any code they want to start making attacks that would be useless from outside the LAN, or to sniff network packets or whatever.

Not sure of the details, and of course sometimes these articles overplay the risk. But still, yet another thing to worry about. Ultimately, I guess one question is, why trust someone who makes washing machines to be an IT company? Then you think about how you might get around that, and one obvious answer is some very IT oriented company comes up with a standard module that other companies can use. But, then the problem is that, when someone finally finds a bug in that, millions of us will get whacked, instead of just the guy who trusted the washing machine company.
Dean Roddey
Software Geek Extraordinaire
Reply
#15
So I saw two videos minutes apart today, one of a Russian anthropomorphic robot firing a gun at a target range, and the other of Amazon's new camera enabled Echo. Why do these things give me a bad feeling?
Dean Roddey
Software Geek Extraordinaire
Reply
#16
And another example of why we are doomed. Every single cloud based device, which is pulling down software to itself that we don't control and which is running inside our perimeter with full access to our local network, is a potential Trojan Horse. In this case a fish tank.

http://money.cnn.com/2017/07/19/technolo..._tech_pool

It does absolutely no good to have a router blocking all incoming connections when you have twenty five outgoing connections from devices that are doing who knows what and loading who knows what software.
Dean Roddey
Software Geek Extraordinaire
Reply
#17
This is why more detail needs to be put into network deign. The three dumb routers model is a bare minimum required to separate IoT from critical infrastructure (an to a home user this is their home PC network where banking and other personal information resides).

I use a firewall and whitelist devices allowed access to the Internet. UPnP is a big offender in security and needs to be turned off in all cases.

The downside to all this is that it takes time and is not easy.
Mykel Koblenz
Illawarra Smart Home
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  Things not to do Dean Roddey 2 1,041 12-30-2015, 08:32 AM
Last Post: zaccari
  Internet of things Ron Haley 12 2,720 09-23-2015, 04:04 AM
Last Post: znelbok
  Anyone use CBus inputs for other things? willplaice 3 1,092 06-30-2009, 02:32 AM
Last Post: znelbok
  How in the hell do you remove these things Wynn 7 1,542 07-16-2007, 09:44 PM
Last Post: zaccari

Forum Jump:


Users browsing this thread: 1 Guest(s)