nanog mailing list archives
Re: IoT security, was Krebs on Security booted off Akamai network
From: "John Levine" <johnl () iecc com>
Date: 10 Oct 2016 17:18:41 -0000
It helps solve the bad (including manufacturer's default) password problem which was one of the attack vectors.
That problem has been adddressed pretty well by giving each device a random password and printing the password on the device. Another hack that works pretty well is a button you push that allows TOFU authentication for 30 seconds or so. Neither is perfect, but they both largely solve the problem of scanning for open ports unless the scanner happens to scan at exactly the right time.
Current thread:
- Re: IoT security, was Krebs on Security booted off Akamai network, (continued)
- Re: IoT security, was Krebs on Security booted off Akamai network Jim Shankland (Oct 09)
- Re: IoT security, was Krebs on Security booted off Akamai network Mel Beckman (Oct 09)
- Re: IoT security, was Krebs on Security booted off Akamai network Florian Weimer (Oct 09)
- Re: IoT security, was Krebs on Security booted off Akamai network bzs (Oct 09)
- Re: IoT security, was Krebs on Security booted off Akamai network Mel Beckman (Oct 09)
- Re: IoT security, was Krebs on Security booted off Akamai network bzs (Oct 09)
- Re: IoT security, was Krebs on Security booted off Akamai network Mel Beckman (Oct 09)
- Re: IoT security, was Krebs on Security booted off Akamai network bzs (Oct 09)
- Re: IoT security, was Krebs on Security booted off Akamai network Rich Kulawiec (Oct 10)
- Re: IoT security, was Krebs on Security booted off Akamai network bzs (Oct 10)
- Re: IoT security, was Krebs on Security booted off Akamai network John Levine (Oct 10)
- Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Large Hadron Collider (Oct 09)