XP machines are very common in two way radio systems as controllers... They use allot DOS commands
On Oct 6, 2016 6:40 AM, "Eric Rogers" <ecrog...@precisionds.com> wrote: > The machines we have seen, run Win98 (not XP)… and yes, we have set a few > up, and even offered the farmer to setup VPN, but they don’t want that > extra step…SO, we do what they ask. > > > > Eric Rogers > > [image: PDSConnect_logo-Connecting You to the World - Signature Logo] > > www.pdsconnect.me > > (317) 831-3000 x200 > > > > *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *ch...@wbmfg.com > *Sent:* Wednesday, October 5, 2016 7:27 PM > *To:* af@afmug.com > *Subject:* Re: [AFMUG] grain dryer port forwards and IoT security > > > > Wonder how long ago that code was written... > > > > *From:* Eric Kuhnke > > *Sent:* Wednesday, October 5, 2016 5:25 PM > > *To:* af@afmug.com > > *Subject:* Re: [AFMUG] grain dryer port forwards and IoT security > > > > It's dumb and the manufacturer should feel bad. But it's not really your > problem to secure their device, if it gets pwned you can cut it off from > the network per your TOS/AUP. > > Not much riskier to the ISP than being a colo provider and renting a small > section of rack space and selling a static /30 to a customer who doesn't > know how to secure their Linux server. > > > > On Wed, Oct 5, 2016 at 4:22 PM, Ken Hohhof <af...@kwisp.com> wrote: > > We hooked up Internet to a new GSI tower dryer at a grain elevator, and > assuming this is the correct manual, it wants ports 22, 23, and 80 > forwarded to it. > > > > http://www.grainsystems.com/content/dam/Brands/GSI/ > Manuals/English/Conditioning/pneg1720-062114-OS.pdf > > > > Without additional firewall rules, does this sound risky? They have a > cellphone app, which apparently goes directly to the dryer, not through > some intermediary like a Team Viewer server. So I don’t see what firewall > rules we could put in. Doesn’t this let every hacker, script kiddie, and > bot herder in the world try to break into it via SSH, telnet and HTTP? Do > these guys move on if the default password has been changed? I would think > they would run dictionary attacks against it. > > >