Jump to content

Steps to disconnect from Portal/Wan during a suspected hack or as a drill


rayg

Recommended Posts

Posted

Hello, I would like to know what steps people would take if we found ISY was under attack from external hack either via portal / portal partner or directly from WAN?

I am not a frequent user of the Admin module and would not want to pussy foot around the interface in case I needed to disconnect the ISY from the Web.

I recall an option to turn off external access but that was before I became a portal users.

And even if that checkbox were still there, I wonder if it would stop portal access.

Thanks

...Ray

Posted

If you have a router with no port forwarding enabled, you just need a good virus and spyware scanner to eliminate these Trojan Horse style threats.

If you were attacked via the ISY Portal, you would need to contact UDI and let them block the attack through the portal, including changing your passwords.

Posted

If you need to block access from ISY Portal:

1. Review your ISY Portal account users on the users tab. Remove those not needed, and change the passwords for those users you want to keep. This will block any access through the UI or APIs using "basic auth".

2. If you gave access to an Echo skill, Google Home and/or Polyglot, a change of password is not enough. If you want to block any access, including those you gave access, do this:

a) Create a NEW user profile with admin rights

b) Login with the new profile

c) Delete the old one. Any oAuth access and refresh tokens issued to third party apps using the old profile will no longer work.

Benoit

  • Thanks 1
Guest
This topic is now closed to further replies.

  • Recently Browsing

    • No registered users viewing this page.
  • Forum Statistics

    • Total Topics
      37.2k
    • Total Posts
      372.4k
×
×
  • Create New...