Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Would this simple IoT configuration provide an adequate block to Internet Access?

Status
Not open for further replies.

BJZeak

Programmer
May 3, 2008
230
CA
This is a Security measure I have been using for over 10 years without really knowing if it is effective.

Objective: block an IoT device from any Internet Access but still retain local access.

Will the following measures achieve this Objective or can this IOT Device still find a way to call home or other?

Router:
- assign Non-Standard LAN/GATEWAY Address (Example: 192.168.0.96)
- netmask < 24bits (Example: 255.255.254.0)

IoT Device:
- assign Non-Standard port(s) (Example: 9250 instead of 80)
- assign Fixed IP Address (Example: 192.168.1.234)
- assign netmask = 24bits (Example: 255.255.255.0)
- set: gateway = dns1 = dns2 = device fixed IP (Example: all set to 192.168.1.234)

Expecting:
Inbound: scanners can't see devices on non-standard ports (router blocks all non-standard ports)
Outbound: IoT device won't be able to find a Gateway route because
a) points to itself as the gateway
b) a standard gateway of 192.168.1.1 doesn't exist
c) netmask would infer a gateway should exist within 192.168.1.1 - 254

Thanks in advance for any insight you can provide
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top