"Internet Of Things" Security is hilariously broken and getting worse





  • Interesting: some-url-to-exposed-user

    EDIT: Removed by admin


  • Hero Member

    @Rasenheizung said:

    Interesting:

    Interesting find indeed. I've sent a PM to the user this could belong to. Maybe you could remove the link?



  • @TimO said:

    @Rasenheizung said:

    Interesting:

    Interesting find indeed. I've sent a PM to the user this could belong to. Maybe you could remove the link?

    As I have been editing my post, Admin was faster 🙂


  • Admin

    Oops, sorry. 🙂



  • My aim was to think of how to protect ourselves from such attacks. I haven't included cameras yet so I have no knowledge in this. If anybody has gained knowledge in this field, they can list the best secured cameras on the market.

    Actually I am afraid to integrate a camera in my house after this article. Maybe outdoors only.


  • Hardware Contributor

    I have cameras. A strong password must be the important part and/or not making it directly accessible from outside your LAN without a VPN. Or if you have a controller accessible from the internet you can add the cameras there (if the controller supports it)...

    These sites are scanning open ports all the time and try to apply standard passwords if they find one. I have a log on my controller port and get login attempts from Tor routers a couple of times each week, but it's probably bots since they move on quickly.

    If you have your controller secured and then add the cameras in the controller I bet you get rid of the most common threats. Of course you are not 100% safe, but at least from the scanning bots... and the real hacker... I would like to see his face when I go naked from bedroom to bathroom in the middle of the night... moving on!



  • @sundberg84 said:
    I have a log on my controller port and get login attempts from Tor routers a couple of times each week, but it's probably bots since they move on quickly.

    Could changing the default port (:80) to something else be a good start?


  • Hardware Contributor

    @Pierre-P that would be a great tip - :80 is probably one of the most scanned ports.
    Also, the default port used by Domoticz, :8080, could easily be changed to something more uncommon.



  • For instance, with the "Orange" internet provider, I know how to redirect port :1234 from the internet to :80 on the intranet... but only once.
    This is cool for 1 non-editable port.
    Sadly I don't think we can close the :80 port. It is (was) used by all the chat software.

    For the rest: never keep the box-user, never keep the box-software, try to never keep the box-ports. The bad guys KNOW these things. For an old but still used automation device (which can control big companies) it is still the box-parameters. So... easy to enter into the programs.
    It was the same for American money distributors!!! (now, they have a random password when sent to the client)

