I never really understood that part neither in all honesty … a lot of articles indicated default passwords with telnet enabled for example - but didn’t see a lot about *how* those devices are becoming reachable as you point out…
> On Nov 2, 2016, at 1:00 PM, Ken Hohhof <af...@kwisp.com> wrote: > > There was an article about a new IoT botnet malware yesterday and I was > reading all the comments from people discussing what firewall they should get > to block this. > > I’m not understanding. Even a basic NAT router should do the job unless you > configure port forwards or what I suspect is the real culprit is UPnP > creating port forwards for telnet and SSH by default. So just disable UPnP > on the router you have. > > I can’t understand how all these webcams and toasters are accepting inbound > connections directly on public IPs. It has to be UPnP on by default and > installation by consumers who haven’t a clue what port forwarding or UPnP is. > I’m guessing most people actually putting these on a DMZ know enough to > change the passwords, create firewall rules, and block services like > telnet/SSH. > > Many consumer webcams like Nestcams use a cloud service for remote access, > obviously they have a web interface for setup, I would hope they don’t by > default use UPnP to forward a bunch of ports through the router. > > <> > From: Af [mailto:af-boun...@afmug.com <mailto:af-boun...@afmug.com>] On > Behalf Of Paul Stewart > Sent: Wednesday, November 2, 2016 11:47 AM > To: af@afmug.com <mailto:af@afmug.com> > Subject: Re: [AFMUG] BW to work from home > > LOL .. not mine - they are secure :) I actually spent several hours doing > security scanning in my house last weekend to make sure there wasn’t some > “default” access that a vendor left open … > >> On Nov 2, 2016, at 12:40 PM, Mike Hammett <af...@ics-il.net >> <mailto:af...@ics-il.net>> wrote: >> >> With all of these DDoSes lately, those cameras will need all of the upload >> they can get. >> >> >> >> ----- >> Mike Hammett >> Intelligent Computing Solutions <http://www.ics-il.com/> >> <https://www.facebook.com/ICSIL> >> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >> <https://www.linkedin.com/company/intelligent-computing-solutions> >> <https://twitter.com/ICSIL> >> Midwest Internet Exchange <http://www.midwest-ix.com/> >> <https://www.facebook.com/mdwestix> >> <https://www.linkedin.com/company/midwest-internet-exchange> >> <https://twitter.com/mdwestix> >> The Brothers WISP <http://www.thebrotherswisp.com/> >> <https://www.facebook.com/thebrotherswisp> >> >> >> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> From: "Paul Stewart" <p...@paulstewart.org <mailto:p...@paulstewart.org>> >> To: af@afmug.com <mailto:af@afmug.com> >> Sent: Wednesday, November 2, 2016 11:38:09 AM >> Subject: Re: [AFMUG] BW to work from home >> >> So perhaps on difference there is that you can do one single stream of >> Netflix .. but in my household during the evenings there is typically 3-4 >> streams at once = ~16Mb/s >> >> Just an example of what some folks consider “need” >> >> Another reason for increased upload speed is home security cameras and stuff >> if you are storing on cloud …. I’m going to be faced with that shortly >> myself where I estimate 4-6Mb/s needed at various times (motion activated) >> to capture high quality video >> >> >> > On Nov 2, 2016, at 12:28 PM, Sam Morris <w...@csilogan.com >> > <mailto:w...@csilogan.com>> wrote: >> > >> > I have 5/1 at home and can do everything I need to do, including Netflix. >> > >> > On 11/2/2016 9:48 AM, Josh Baird wrote: >> >> What? 20/5 (or less) is still very adequate for *lots* of users. >> >> >> >> On Wed, Nov 2, 2016 at 10:46 AM, Roger Timmerman <timmer...@gmail.com >> >> <mailto:timmer...@gmail.com> >> >> <mailto:timmer...@gmail.com <mailto:timmer...@gmail.com>>> wrote: >> >> >> >> Is this a re-run from 2005? Are we really talking about 20M/5M or >> >> less still being an option and being adequate? >> >> >> >> On Wed, Nov 2, 2016 at 8:30 AM, Adam Moffett <dmmoff...@gmail.com >> >> <mailto:dmmoff...@gmail.com> >> >> <mailto:dmmoff...@gmail.com <mailto:dmmoff...@gmail.com>>> wrote: >> >> >> >> That could be part of it. I work from home with 3m/1m. It's >> >> not uncommon to have a kid watching cartoons on Netflix while >> >> I'm working. >> >> >> >> The thing is, most of what I'm doing across the network is >> >> remote terminals and remote desktops. And I'm clever enough >> >> that when I need to transfer a large file to the office I'll use >> >> WinSCP and put a speed limit on the transfer so I can keep doing >> >> other things. Some people might start the big file transfer and >> >> then call IT because nothing else works now. >> >> >> >> I'm aware that there are people using some Autodesk cloud >> >> storage/versioning thing that integrates with AutoCAD....they >> >> were told to /try /to get 10meg upload /if they can/ and I >> >> believe they might really use it. >> >> >> >> >> >> >> >> On 11/2/2016 12:25 AM, Mathew Howard wrote: >> >>> I think a lot of it is just lazy IT guys not wanting to deal >> >>> with people causing problems by watching Netflix on six TVs >> >>> while they're trying to work, so they just tell them they need >> >>> five times the speed they actually do. >> >>> >> >>> We've had customers that were told they needed something like >> >>> 3Mbps upload, but were able to do their jobs perfectly fine on >> >>> a plan with 1Mbps upload. >> >>> >> >>> On Tue, Nov 1, 2016 at 11:03 PM, Jaime Solorza >> >>> <losguyswirel...@gmail.com <mailto:losguyswirel...@gmail.com> >> >>> <mailto:losguyswirel...@gmail.com <mailto:losguyswirel...@gmail.com>>> >> >>> wrote: >> >>> >> >>> Nope... Getting more common... My daughter needs good >> >>> upstream to upload medical scans she does for several >> >>> clinics and private doctors from house or retirement >> >>> places. She had to upgrade plan from TWC to accommodate >> >>> her. >> >>> >> >>> >> >>> On Nov 1, 2016 9:52 PM, "Ken Hohhof" <af...@kwisp.com >> >>> <mailto:af...@kwisp.com> >> >>> <mailto:af...@kwisp.com <mailto:af...@kwisp.com>>> wrote: >> >>> >> >>> Twice in the past few weeks I’ve had prospective >> >>> customers say they needed a minimum of 20M/5M per >> >>> company IT dept to work from home, emphasis on the 5M >> >>> upstream. >> >>> >> >>> This is a lot more than I’ve heard in the past, and >> >>> seems high to me. In many cases even in town on cable >> >>> Internet, they will need at least a plan with at least >> >>> 50M download to get that much upload. My experience >> >>> in the past has been that even our 3M/1M plan is >> >>> actually sufficient for most people to work from home >> >>> (assuming they aren’t contending with the rest of the >> >>> family trying to watch Netflix and Youtube). >> >>> >> >>> Is this some kind of a trend, people needing that much >> >>> upstream to work from home? Or just a coincidence >> >>> I’ve had 2 requests like that in as many weeks. >> >>> >> >>> >> >> >> >> >> >> >> >