Spitballing IoT Security
jfmezei_nanog at vaxination.ca
Wed Oct 26 17:30:38 UTC 2016
While I agree that fixing home routers is the best approach, something
If an IoT vendor doesn't even know that its devices have telnet or ssh
enabled by default (and hence, no management interface to change
passwords) and only focuses on the web interface it has added , then
how come the kernel would be "UPnP" the telnet port to tell the router
to send inbound telnet to that device ?
And how do routers deal with multiple cameras each sending a "send port
23 requests to me" ?
I can understand a computer sending a UPnP request when you start a game
to tell router to forward inbound calls to a certain port to that
computer/app. But for IoT devices that are on all the time, there
should be static setup, not UPnP.
More information about the NANOG