gordonb3 wrote: > As some already responded, your SBs sit in a private network. The point > about this is not so much the firewall that sits between you and the > dangerous internet, but that no public router knows how to direct > traffic from any random machine on the internet towards any address on > your private LAN. > > No this does not mean that you are completely safe, but what it does > mean is that a hacker will have to do James Bond stuff to find out your > network details and I would dare question whether you are worth so much > trouble - not meant in any offensive way of course. The methods that > hackers use to get access to devices owned by random people are roughly > the following: > > > - you opening a web page that contains malware - you opening an email that contains executable code inline > (usually a screen saver file) - you opening an email attachment that includes a malicious macro > to be executed by the associated application > > > > > If you are something of a hobbyist the following methods may apply as > well: > > > - you opening port 25 on your firewall to expose an email server - you opening web ports on your firewall to expose a web server > with some kind of preprocessor capability (PHP, Java, Perl) allowing > random code injection - you opening the SSH port on your firewall > > > > > None of this would ever apply to your SBs. For those to load something > malicious someone would first have to hack your entire network > topology to redirect traffic from your SB away from its intended > target, towards a machine that is controlled by the hacker. Again way > too much trouble for what this type of hacker wants to accomplish, > which is really nothing else than sending spam, finding other > vulnerable machines and occasionally organizing so-called Denial of > Service attacks. > > > All of this said I still run my SB devices in a separate VLAN as I > found they are extremely loud, sending broadcasts even at a higher > rate than Apple devices do and I don't really need my workstation to > be constantly distracted from the processes I want it to run by > investigating whether it should act on those broadcasts.
But dont forget that the Chinese baby monitor or IP cam you bought and connected up on your LAN is constantly phoning home to pick up potential malware. The attacker doesnt have to target your home specifically. Targeting the manufacturers website is a single point of attention for a hacker. If successful, the millions of IOT devices phoning home will pick up the malware with no need for a targeted attack on anybody specific. The Chinese use off the shelf IOT stacks they dont necessarily understand too well and many of those are riddled with vulnerabilities. ------------------------------------------------------------------------ philchillbill's Profile: http://forums.slimdevices.com/member.php?userid=68920 View this thread: http://forums.slimdevices.com/showthread.php?t=115017
_______________________________________________ discuss mailing list discuss@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/discuss