[Cryptography] trojans in your printers

Abe Singer abe at oyvay.nu
Thu Feb 26 22:18:41 EST 2015


On Thu, Feb 26, 2015 at 09:05:01AM +0100, Peter Vils Hansen wrote:
> On Thu, Feb 26, 2015 at 4:11 AM, Ray Dillinger <bear at sonic.net> wrote:
> >
> > In the second place my printer has no need - ever - to send or receive
> > a packet outside my home area network, and therefore its address does
> > not have a hole in the firewall, in either direction, on any port.
> >
> 
> I think this is probably the best general approach to keeping devices
> that shouldn't connect to the Internet away from the Internet. Start
> by shutting off access for all devices by configuring your router to
> use a whitelist-only approach and clear the whitelist. Then add one
> device at a time, on a need-to-have-access basis. It's a common
> firewall configuration policy that should work well for most
> households. Unfortunately, the vast majority of users tend to think
> about security until they've been hacked.
> 

The nice thing about not giving the device a default route, as opposed
to filtering at the border, is that the "block" works independent of any
other devices.  More than once I've seen a firewall that was supposed
to be blocking all kinds of things, but one incorrect addition to the
ruleset exposed everything, without anyone realizing it at the time.
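
Added example, not part of the original message: a small model of the point above, comparing a device that relies on a border filter with one that simply has no default route. All addresses, route tables and rulesets are constructed for illustration, and only outbound traffic from the device is modelled.

```python
import ipaddress

def route_lookup(routes, dst):
    """Longest-prefix match on the device's own table; None means no route."""
    dst = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), gw) for p, gw in routes
            if dst in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen) if hits else None

def firewall_allows(rules, src, dst):
    """First-match border filter with default deny."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in rules:
        if src in ipaddress.ip_network(src_net) and dst in ipaddress.ip_network(dst_net):
            return action == "allow"
    return False

def can_reach(routes, rules, src, dst):
    """Traffic gets out only if the device can route it AND the border passes it."""
    hit = route_lookup(routes, dst)
    if hit is None:
        return False          # no route: the packet is never sent
    if hit[1] is None:
        return True           # on-link: never crosses the border
    return firewall_allows(rules, src, dst)

# Constructed sample data (assumptions, not from the thread).
PRINTER, LAN_PEER, OUTSIDE = "192.168.1.50", "192.168.1.20", "203.0.113.10"
LAN_ONLY = [("192.168.1.0/24", None)]                    # no default route
WITH_DEFAULT = LAN_ONLY + [("0.0.0.0/0", "192.168.1.1")]
GOOD_RULES = [("deny", "192.168.1.50/32", "0.0.0.0/0"),
              ("allow", "192.168.1.0/24", "0.0.0.0/0")]
# One incorrect addition: a broad allow inserted ahead of the printer's deny.
BAD_RULES = [("allow", "192.168.1.0/24", "0.0.0.0/0")] + GOOD_RULES

if __name__ == "__main__":
    for name, routes in (("default route", WITH_DEFAULT), ("LAN only", LAN_ONLY)):
        for label, rules in (("good rules", GOOD_RULES), ("bad rules", BAD_RULES)):
            print(f"{name:13} / {label:10} -> printer reaches outside:",
                  can_reach(routes, rules, PRINTER, OUTSIDE))
```

With the default route present, the printer's isolation depends entirely on rule order at the border; with the LAN-only table, the broken ruleset makes no difference.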

