echoit1553552783 Posted December 3, 2017 Posted December 3, 2017 Hi guys, I've been doing home automation for the past several years, and have been reasonable active on the OpenHAB and Host Assistant forums. Professionally, I've been working in cyber security through my own company. After having written a couple of posts about security a while back and listening to all the feedback, we recently decided to take a crack at doing home automation installations, with an emphasis on network and IoT cyber security. Basically, in our opinion, the traditional home network no longer offers a reasonable amount of protection when dealing with the IoT. The routers we are all using at home support only very basic functionality and have been geared to define only one or maybe two DHCP reservations. In my home I have nearly 65 internet connected devices, and it's literally impossible to stay on top of the security when they're all lumped into one virtual space. You can check this out if you're interested here: https://l.echoit.co.nz/secure-iot-home-automation-wellington Or our main website here:https://echoit.co.nz/ I'm also more than happy to help with any home automation problems or security concerns you have. Cheers!
Guest Posted December 4, 2017 Posted December 4, 2017 You raise a really good point. Consumers are very relaxed when it comes to home security and in particular their WiFi network. With a very connected home and work space, I have over 160 connected devices. I secure my network as best as possible, but I probably should give it more thought. There's most likely still a few default device passwords in there somewhere! Looking forward to your contributions echoit.
echoit1553552783 Posted December 4, 2017 Author Posted December 4, 2017 (edited) 160 is a fair amount! Are they segregated in a separate subnet? My preferred network setup is to define 4 subnets: Home Users IoT Devices IoT Controllers Guests My pet peeve is home users granting guest users access to their wifi network where they can exert complete control over their home automation! That should never happen. There might be a few exceptions, but 90% of IoT devices don't need to communicate with a home user device like a phone, since the communications normally happen through a gateway. Therefore, there should be no packet exchange between subnet 1 and subnet 2. However, this sort of setup basically requires either someone who knows what they're doing, or enterprise grade equipment, as no home router has support for more than 1 main subnet (and occasionally 1 guest subnet). The main problem is the maintenance that goes with hosting multiple DHCP leases... Like I said, IoT puts severe strange on networking when we start to realise that we need to start hiring full time network administrators just in order to keep things operating securely. Edited December 4, 2017 by echoit
MosfetMainac Posted June 1, 2018 Posted June 1, 2018 On 12/3/2017 at 5:41 PM, echoit1553552783 said: Hi guys, I've been doing home automation for the past several years, and have been reasonable active on the OpenHAB and Host Assistant forums. Professionally, I've been working in cyber security through my own company. After having written a couple of posts about security a while back and listening to all the feedback, we recently decided to take a crack at doing home automation installations, with an emphasis on network and IoT cyber security. Basically, in our opinion, the traditional home network no longer offers a reasonable amount of protection when dealing with the IoT. The routers we are all using at home support only very basic functionality and have been geared to define only one or maybe two DHCP reservations. In my home I have nearly 65 internet connected devices, and it's literally impossible to stay on top of the security when they're all lumped into one virtual space. You can check this out if you're interested here: https://l.echoit.co.nz/secure-iot-home-automation-wellington Or our main website here:https://echoit.co.nz/ I'm also more than happy to help with any home automation problems or security concerns you have. Cheers! Ironically, when I went to click on your link today I got a warning “ this webpage is not private, It may trying to steal personal or financial information...click to close this page” etc...
Recommended Posts