Spitballing IoT Security

• Previous message (by thread): Spitballing IoT Security
• Next message (by thread): Spitballing IoT Security
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2016-10-27 23:24, Ronald F. Guilmette wrote:
> I put forward what I think is a reasonbly modest scheme to try to get
> IoT things to place hard limits on their "unsolicited" packet output at
> the kernel level, and I'm going to go off now and try to find and then
> engage some Linux embedded kernel people and see what they think.  Maybe
> the whole thing is a dumb idea and not worth persuing, but I'm not con-
> vinced of that yet.  So I'll go off, investigate in some more appropriate
> forum, and report back here if/when I have anything useful to say.
>
> Hacking embedded kernels to make them fault-tolerant, even in the event
> of attackers getting a root shell prompt, isn't going to save the world
> from DDoS attacks, but it may be one small part of the solution.
>
>
> Regards,
> rfg

This doesn't make sense to me.  When the device is compromised, the 
default software with the restrictions will just be reconfigured or 
replaced.  This process is similar to installing DD-WRT, or even a 
simple update from the vendor, for example.  Botnets download and 
install the software they require and often they close the original 
infection vector to prevent another botnet from reinfecting.  Check out 
the Mirai source code that was posted.

-Laszlo

• Previous message (by thread): Spitballing IoT Security
• Next message (by thread): Spitballing IoT Security
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]