7

I have asked a question about Port Forwarding for non IP IoT Devices

I understand that the hub is the controller of non IP devices attached to it, and each group of devices with the same wireless technology have a common controller.

How technically can a Z-Wave device for example could be accessed from the outside through his controller (hub), does this happen through port forwarding (if it is, how this is done technically), or is there other techniques (e.g., through cloud-based platform, through hub-based platform, hole punching, UPnP….),

I am just confused, because I want to know if non IP devices are also susceptible to be attacked from the outside (e.g., Mirai Attack), because since they are both protected behind the gateway and their controller, they are less susceptible than direct connected IP devices that might be attacked only through NAT traversal using default passwords.

Sean Houlihane
  • 10,524
  • 2
  • 26
  • 62
BiG_TooTh
  • 521
  • 3
  • 8

2 Answers2

5

Non-IP devices by definition are not addressable over the Internet, so the concepts of port forwarding and UPnP do not apply. Instead, the hub has to provide a translation service. There are various standard and non-standard ways to do this.

For example, a non-standard way to control a Z-Wave device might be for the gateway to run custom software that accepts commands over IP and acts by sending Z-Wave commands to a device. A standard way might be a ZIPGateway, which provides a known method of encapsulating Z-Wave packets inside IP packets.

Whether the translation layer is standard, non-standard, or not even deliberate, there is still the potential for attack from the Internet.

Heath Raftery
  • 683
  • 3
  • 7
3

Anything that receives commands or software updates over a radio is open to attack, it doesn't necessarily need to be initiated via a internet connection. E.g.

http://iotworm.eyalro.net/

Or it doesn't even need a radio

https://en.m.wikipedia.org/wiki/Stuxnet

hardillb
  • 12,813
  • 1
  • 21
  • 34