Re: Spitballing IoT Security

On 25 October 2016 at 09:37, Jean-Francois Mezei < jfmezei_na...@vaxination.ca> wrote: > > One way around this is for the pet feeder to initiate outbound > connection to a central server, and have the pet onwer connect to that > server to ask the server to send command to his pet feeder to feed

Re: Spitballing IoT Security

On 2016-10-25 04:10, Ronald F. Guilmette wrote: > If all of the *&^%$# damn stupid vacation pet feeders had originally shipped > with outbound rate limits hard-coded in the kernel, maybe this could have > been avoided. I view this differently. The problem is in allowing inbound connections and

Re: Spitballing IoT Security

In message , Jared Mauch wrote: >Top posting to provide some clarity: That's funny. Personally, I have always felt that top posting -destroys- clarity. But as Chaplin Tapman said in Catch-22 "I'm not here to judge

Re: Spitballing IoT Security

On October 24, 2016 at 13:24 r...@tristatelogic.com (Ronald F. Guilmette) wrote: >1) First, I will successfully complete my campaign to be elected King >of the World. (Given the current poltical climate, worldwide, this >should not be a problem, because I lie a lot.) Too

Re: Spitballing IoT Security

t" <h...@slabnet.com> To: "Mike Hammett" <na...@ics-il.net> Cc: nanog@nanog.org Sent: Monday, October 24, 2016 5:21:48 PM Subject: Re: Spitballing IoT Security It's possible you might have wanted to read the link for the context that pointed this out as sarcastic hyperb

Re: Spitballing IoT Security

ww.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From: "J. Oquendo" <joque...@e-fensive.net> To: "Steve Mikulasik" <steve.mikula...@civeo.com> Cc: nanog@nanog.org Sent: Monday, October 24, 2016 3:53:25 PM Subject: Re: Spitballing Io

Re: Spitballing IoT Security

Message - From: "J. Oquendo" <joque...@e-fensive.net> To: "Steve Mikulasik" <steve.mikula...@civeo.com> Cc: nanog@nanog.org Sent: Monday, October 24, 2016 3:53:25 PM Subject: Re: Spitballing IoT Security On Mon, 24 Oct 2016, Steve Mikulasik wrote: > i

Re: Spitballing IoT Security

IoT is not a well-defined term. IoT implementations depend on system constraints. These constraints may relate to security (problems/solutions). It would be helpful to be more specific. See https://tools.ietf.org/html/rfc7228, for example. Cheers matthias On Mon, 24 Oct 2016, Jared Mauch

Re: Spitballing IoT Security

On Mon, 24 Oct 2016, Steve Mikulasik wrote: > if we automatically blackholed those IPs as they get updated it could put a > big dent in the effectiveness of Zeus. > That would involve someone lifting a finger and implement a config change. Much easier to implement BCP38 or was it RFC 4732?

RE: Spitballing IoT Security

F. Guilmette Sent: Monday, October 24, 2016 2:25 PM To: nanog@nanog.org Subject: Spitballing IoT Security In message <e364fcea-7105-b3b9-63a9-7d22ab835...@nuclearfallout.net>, John Weekes <j...@nuclearfallout.net> wrote: >On 10/23/2016 4:19 PM, Ronald F. Guilmette wrote: jw>>

Re: Spitballing IoT Security

Top posting to provide some clarity: 1) Many IoT devices are connected via some cloud service, think Nest (for example) 2) Many IoT devices have cloud management, think of Ruckus, UBNT UniFi, etc that phone out to a site via DHCP option or otherwise. 3) Many IoT devices are something like a

Spitballing IoT Security

In message , John Weekes wrote: >On 10/23/2016 4:19 PM, Ronald F. Guilmette wrote: jw>>> ... The ISPs behind those IP addresses have jw>>> received notifications via email... rfg>> Just curious... How well is

<    1   2