Jump to content

Recovering a hacked ISY994i


lhranch

Recommended Posts

Posted (edited)

I rarely address my ISY994i directly, as the pushbutton controls and timed programs typically satisfy my day-to-day requirements. Today, I tried to manually open a gate for the first time in perhaps two weeks, and was refused with a "bad authentication" error message. Sure enough, I cannot login to the ISY using the proper name and password from either my phone or my computer. My ISY is exposed to the greater Internet, so it's quite possible someone brute forced the password and then reset it.

I do maintain backups, so no worries there.

I'd like to see if any password resets were logged and when. (Assuming those get logged at all, which I have no way to determine right now.)

1) If I factory reset the ISY, will I lose the log?

2) I can change out the SSD, factory reset it, power it off, and change it back.  If I do this, is my new password stored inside the ISY or on the SSD?

3) I can take out the SSD and try reading it on another device; will I be able to find the log?

4) I can use the monitor port and Putty into it, but can I read the log using serial commands? I can't seem to find a guide to the command repertoire for the monitor port.

Thanks.

Edited by lhranch
Posted

If the password is on the SSD, is there a serial command that would let me just reset it? That would be much easier than any of the alternatives.

Are the serial commands documented anywhere?

Thanks.

Posted (edited)

Never mind. I mounted the SD card, and it was relatively simply to examine the authentication information.

There was no external incursion, just embarrassing user error.

Thank you Michael.

Edited by lhranch
  • Like 1
Guest
This topic is now closed to further replies.

  • Recently Browsing

    • No registered users viewing this page.
  • Who's Online (See full list)

  • Forum Statistics

    • Total Topics
      37k
    • Total Posts
      371.4k
×
×
  • Create New...