What are Attackers after on IoT Devices? (arxiv.org)
Wave Broadband up on the US west coast for many years has been the victim of offering gigabit fiber optic internet services.
Many of its clients of that service come from a country with a particularly "great firewall", one might say.
Netflix's systems will often see these rafts of connections with weird non-matching timezones to the IP address, Chinese default language and other errant data and...simply declare the entire ISP a VPN/Proxy provider!
For a company with 500K+ customers in 3 states, this kind of disruption is absolutely brutal on their support lines, yet seems to happen almost every other month.
I am interested in this kind of setup but lack relevant experience. Is this stuff you set up in the stock Unifi admin pages?
It’s pretty fun to set up! You can take any old desktop/laptop at your home and make it into your own custom router by running a Linux or BSD instance on it.
If you go this route, I would recommend Suricata IDS, as you can set up a more complex and sophisticated system easily compared to Snort.
[1](https://suricata.io/)
One compromise would be to add an extra hop (like a Raspberry Pi) to the IoT VLAN and install Snort there. That way I could retain my primary router (currently Ubnt ERX).
Great tip!
For powerful application processors like your TV, smartphone, router...there's plenty of rich data to exfiltrate and resources to abuse.
For a microcontroller, you're either interested in controlling it remotely or stealing some secret from it e.g. WLAN password or a cloud access credential. Anything else is quite hard and has diminishing returns. However, in great numbers they can provide a significant DDoS capability.
In security, that's probably a strength, not a weakness, if done right. There are fewer lines of code that might contain vulnerabilities. There is no random side service, JS library or OS vulnerability to attack, there might be nothing to listen for incoming connections, etc.
IoT/Edge devices are also the "perfect tools" for phishing somebody for more valuable information than mere biometric/similar data.
I recommend the 2 VLAN setup and disabling switch0 for the best performance.
It's a step up from consumer routers, with a more powerful firewall, QoS, and configuration.
Ubiquiti's docs are great.
https://help.ui.com/hc/en-us/articles/115002531728-EdgeRoute...
Happy tinkering ^^ and Merry Christmas