ResIpsa
Posted August 8, 2019

I recently swapped out my home router for a BOX 2 from Bitdefender (I have been using Bitdefender's antivirus software for several years and have been very happy with it). In addition to performing traditional routing functions, BOX monitors all traffic flowing in and out of the network to make sure nothing nefarious is happening, and automatically blocks anything concerning (this is especially helpful with teenagers in the house).

In addition to scanning all network traffic BOX also identifies the IoT devices on your network and then scans them for vulnerabilities. After scanning the 50+ IoT devices on my network BOX identified exactly one device that currently has a vulnerability: My ISY 994i/IR PRO (currently on version 4.7.3). Here is the notification BOX gave me:

********************************************************************
Risk: High
Vulnerability: Insecure authentication procedure detected on ISY Home Automation

Details
INFO: ISY Home Automation/http protocol accepts unencrypted (plain text) logins.
WHAT CAN I DO: Make sure that your device or service is up to date. This vulnerability should be fixed by the software provider with an update.
********************************************************************

Is it true that ISY accepts plain text logins, and if so, are there plans to correct this?

jec6613
Posted August 8, 2019

Don't forward port 80 to the outside? The ISY accepts connections on both port 80 and 443, which are HTTP and HTTPS. I only allow HTTP inside of my LAN to reduce the SSL load on the tiny ISY CPU, and HTTPS only to the outside.

paulbates
Posted August 8, 2019

It's a warning message, not necessarily a problem. To @jec6613's point, it shouldn't be a problem if your BD router and internal network devices are safe and properly secured.

Two choices:

- Go into the Admin Console and disable port 80 / http: on the ISY and the warning will go away... but, as pointed out, it puts a load on the ISY, slowing everything down. Opening the admin console will take a long time and it will operate slowly. For grins and giggles, last year I tried running my V5 nodeservers on SSL inside of my LAN. I got sluggish performance and performance/time out warnings from my nodeservers. I reverted to http port 80 for internal communications.
- Ignore the warning and be sure not to route anything outside of your house on port 80. Route as little as possible outside of your house at all, even on https: port 443. I have zero ports open to the outside and use the ISY Portal for access.

Paul

Edited August 8, 2019 by paulbates

jec6613
Posted August 8, 2019

Another really secure choice is to put a firewall between the ISY and everything else, and only allow certain known devices access on port 80. I do this at the VLAN level, so there are a few dozen devices that can hit port 80, all trusted, but you could create a tiny VLAN (/30 or so) and firewall it there.
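
An added example, not part of any post in this thread and not Bitdefender's or the ISY vendor's code: a small check to run from different hosts or VLANs on your own network to see whether the controller's port 80 is reachable from there and whether it asks for a login over plain HTTP, which is the condition the BOX notification describes. The function names, the placeholder address 192.0.2.10 and the assumption that the device answers an unauthenticated request with a 401 challenge are illustrative; the thread does not say which authentication scheme the ISY uses.

```python
import http.client

def classify(status, challenges, location=""):
    """Rate one plain-HTTP reply; challenges = WWW-Authenticate header values."""
    # Only the first scheme named in each header line is considered.
    schemes = sorted({c.split(None, 1)[0].lower() for c in challenges if c.strip()})
    if status in (301, 302, 307, 308) and location.lower().startswith("https://"):
        return "ok", "redirects to HTTPS before asking for credentials"
    if status == 401 and "basic" in schemes:
        return "high", "Basic auth over HTTP: password is only base64-encoded on the wire"
    if status == 401 and schemes:
        return "medium", "auth over HTTP (%s): session is unencrypted" % ", ".join(schemes)
    return "info", "HTTP answered with status %d and no auth challenge on this path" % status

def audit(host, port=80, path="/", timeout=3.0):
    """Send one unauthenticated GET over plain HTTP and classify the reply."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        resp.read()
        return classify(resp.status,
                        resp.headers.get_all("WWW-Authenticate") or [],
                        resp.headers.get("Location", ""))
    except OSError:
        # Refused or timed out: port 80 is disabled on the device or
        # firewalled from the host this check is running on.
        return "ok", "port not reachable from this host"
    finally:
        conn.close()

if __name__ == "__main__":
    # 192.0.2.10 is a documentation placeholder; use your controller's LAN address.
    for target in ["192.0.2.10"]:
        print(target, *audit(target))
```

A result of "ok" from a guest or IoT VLAN and "high" only from the trusted hosts is what the firewall arrangement described above should produce.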