On 24/06/2019 17.32, Dave Howorth wrote:
On Mon, 24 Jun 2019 00:12:21 +0200 "Carlos E. R." <> wrote:
On 23/06/2019 16.05, Dave Howorth wrote:
I never got an answer from anybody in this thread about any software or other technique for detecting and/or thwarting IoT devices that try to phone home without asking permission.
If you are interested in that, you should ask a question about that, with an appropriate subject line ;-)
I don't think it is possible, if they work hard at going out... At least not easy.
You need an egress firewall, placed at the gateway to internet or at the WiFi Access Point. SuSEfirewall ain't that. It has to block outgoing connections coming from the IP of the IoT gadget in particular, and you have to know it, and fix it using DHCP.
I think I've got the first half of a solution. I just upgraded my internet connection (to a measurable fraction of yours) and part of the upgrade was a new router. It's a Fritz!Box 7530 and it appears it has parental controls that allow me to block devices from the internet. When a new device is added to the network, it is automatically allocated to the 'Standard' profile, so I just changed that to block all internet traffic. I moved all my existing devices that need internet to an 'Unrestricted' profile and left some devices, like my data logger, on Standard.
It seems to work. My PC can still access the web, and my data logger gets 'packet filtered' reports if I try to ping an external host.
Not even your guests
So that should stop things phoning home.
I think so, unless they use some "clever" trick I can't think of. For instance, an evil someone could listen to the traffic, see an IP that is authorized to get out, and when that IP is not running, pose as it.
Now I need to figure the best way to see what they're trying to do. Presumably wireshark or somesuch can do that?
Yes. And others, like iptop, can tell a bit.
--
Cheers / Saludos, Carlos E. R. (from 15.0 x86_64 at Telcontar)
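If the egress block lives on a Linux gateway rather than the Fritz!Box, the "what are they trying to do" question can be answered from the gateway's own firewall log instead of a packet capture. This is an added example, not code from the thread; it assumes an iptables/nftables LOG rule on dropped forwarded traffic with the log prefix IOT-EGRESS-DROP: (an assumed name), and the log lines below are constructed.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in the key=value format a netfilter LOG rule writes
# to the kernel log; "IOT-EGRESS-DROP:" is an assumed --log-prefix.
SAMPLE_LOG = """\
Jun 24 17:32:01 gw kernel: IOT-EGRESS-DROP: IN=br-lan OUT=eth0 MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.168.178.50 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=49152 DPT=443 SYN
Jun 24 17:32:05 gw kernel: IOT-EGRESS-DROP: IN=br-lan OUT=eth0 MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.168.178.50 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=49153 DPT=443 SYN
Jun 24 17:32:09 gw kernel: IOT-EGRESS-DROP: IN=br-lan OUT=eth0 MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.168.178.50 DST=198.51.100.7 LEN=76 TTL=63 PROTO=UDP SPT=40000 DPT=123
Jun 24 17:32:11 gw kernel: IOT-EGRESS-DROP: IN=br-lan OUT=eth0 MAC=00:11:22:33:44:55:66:77:88:99:cc:dd:08:00 SRC=192.168.178.61 DST=198.51.100.53 LEN=64 TTL=64 PROTO=UDP SPT=51000 DPT=53
Jun 24 17:32:12 gw kernel: unrelated message that must be ignored
"""

FIELD_RE = re.compile(r"(\w+)=(\S*)")

def parse_drop_line(line, prefix="IOT-EGRESS-DROP:"):
    """Return the key=value fields of one LOG record, or None if the line is not one."""
    if prefix not in line:
        return None
    fields = dict(FIELD_RE.findall(line.split(prefix, 1)[1]))
    if "SRC" not in fields or "DST" not in fields:
        return None
    return fields

def summarize_drops(text):
    """Map each blocked LAN source IP to a Counter of (dst, proto, dport) it tried to reach."""
    per_src = defaultdict(Counter)
    for line in text.splitlines():
        fields = parse_drop_line(line)
        if fields is None:
            continue
        key = (fields["DST"], fields.get("PROTO", "?"), fields.get("DPT", "-"))
        per_src[fields["SRC"]][key] += 1
    return per_src

if __name__ == "__main__":
    # Per device, most frequently attempted destination first.
    for src, targets in sorted(summarize_drops(SAMPLE_LOG).items()):
        print(src)
        for (dst, proto, dport), n in targets.most_common():
            print(f"  {n:3d}x  {proto}/{dport} -> {dst}")
```

Point the script at the real kernel log (e.g. the output of journalctl -k) once the LOG rule is in place; repeated attempts to the same host and port are the phone-home pattern to look for.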