[Cryptography] trojans in your printers

Peter Vils Hansen peter.vils.hansen at gmail.com
Thu Feb 26 03:05:01 EST 2015


On Thu, Feb 26, 2015 at 4:11 AM, Ray Dillinger <bear at sonic.net> wrote:
>
> In the second place my printer has no need - ever - to send or recieve
> a packet outside my home area network, and therefore its address does
> not have a hole in the firewall, in either direction, on any port.
>

I think this is probably the best general approach to keeping devices
that shouldn't connect to the Internet away from the Internet. Start
by shutting off access for all devices by configuring your router to
use a whitelist-only approach and clear the whitelist. Then add one
device at a time, on a need-to-have-access basis. It's a common
firewall configuration policy that should work well for most
households. Unfortunately, the vast majority of users tend to think
about security until they've been hacked.

Peter.


More information about the cryptography mailing list