4. IoT Intro ..!
IoT is simply the network of interconnected things/devices which are
embedded with sensors, software, network connectivity and necessary
electronics that enables them to collect and exchange data making
them responsive.
IoT Component..!
1. Hardware
2.software
3. Communication Infrastructure
9. What are they ..?
1. web login pages
2. cctv dvr login pages
still working on this..!
I1.Insecure Web Interface
..Weak credentials
..Weak passwords
..Capture plaintext credentials
..Internal and external vulnerability
15. I3.Insecure Network Services:
.. Attack vulnerable network services
.. Attack device itself
.. Bounce attacks off of the device
.. Buffer overflow attacks for Denial of Service
.. Sniffers and fuzzers and Scanners
21. I4 . Lack of Transport Encryption:
.. Easy view of unencrypted data passing between or over networks
.. Traditional crypto vulnerabilities
associated with SSL and TSL i.e. Man In the Middle attacks etc.
.. Compromised Transport Layer means everything above it is
vulnerable
24. I5 Privacy Concerns:
.. Insufficient authentication
.. Lack of transport encryption and storage of data in encrypted format
.. Insecure network services
.. Collection of unnecessary personal data
28. I6 Insecure Cloud Interface:
.. Insufficient authentication
.. Lack of transport encryption and storage of data in encrypted format
.. Attack likely from the Internet
.. Easy to guess credentials
.. Using password reset mechanism to see if account exist
.. Identify is SSL is in use
.. Account enumeration
31. I7.Insecure Mobile Interface:
.. account lockout mechanism
.. Insufficient authentication
.. Lack of transport encryption and storage of data in encrypted format
.. Attack likely from the Internet
.. Easy to guess credentials
.. Using password reset mechanism to see if account exists
.. Identify is SSL is in use
.. Account enumeration