nanog mailing list archives

Re: Spitballing IoT Security


From: Jean-Francois Mezei <jfmezei_nanog () vaxination ca>
Date: Wed, 26 Oct 2016 13:30:38 -0400

While I agree that fixing home routers is the best approach, something
bugs me.

If an IoT vendor doesn't even know that its devices have telnet or ssh
enabled by default (and hence, no management interface to change
passwords) and only focuses on the web interface it has added, then
how come the kernel would "UPnP" the telnet port to tell the router
to send inbound telnet to that device?

And how do routers deal with multiple cameras each sending a "send port
23 requests to me"?

I can understand a computer sending a UPnP request when you start a game
to tell the router to forward inbound calls to a certain port to that
computer/app. But for IoT devices that are on all the time, there
should be static setup, not UPnP.

