TL;DR
Your internet-facing IoT device is a risk. This guide shows you how to lock it down using firewall rules, strong passwords, software updates, and network segmentation. It's about making your device harder to hack.
1. Change the Default Password
This is the most important step! Default passwords are widely known.
- Find the login page: Usually, this is via a web browser using the device’s IP address (e.g., 192.168.1.10). Check your device manual if you’re unsure.
- Log in with default credentials: Common defaults are ‘admin/admin’, ‘user/password’, or blank username and password. Again, the manual is key.
- Change the password immediately: Use a strong, unique password (at least 12 characters, mix of upper/lower case letters, numbers, and symbols). A password manager can help you create and remember these.
2. Update Device Software
Updates often include security fixes. Outdated software is a hacker’s friend.
- Check for updates: Most devices have an update option in their settings menu (often under ‘System’, ‘Firmware’, or ‘About’).
- Install updates promptly: Follow the on-screen instructions. Don’t interrupt the process!
3. Configure Your Firewall
A firewall controls network traffic. We’ll restrict access to only what your device needs.
- Access your router settings: Usually via a web browser (e.g., 192.168.1.1). You’ll need the router admin password.
- Find the firewall section: Look for ‘Firewall’, ‘Security’, or ‘Advanced Settings’.
- Create rules to allow only necessary traffic: This is device-specific, but common examples include:
  - Allow outbound connections on ports 80 (HTTP) and 443 (HTTPS) if the device needs to connect to the internet.
  - If you need remote access, allow inbound connections on a specific port (e.g., 22 for SSH, but only from your known IP address). Avoid using default ports!

    # Example UFW rule (Linux) - Allow outbound HTTPS
    sudo ufw allow out to any port 443

- Block all other traffic: This is the key. Deny everything that isn't explicitly allowed.
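The step 3 policy as one default-deny UFW rule set, as an added example that is not part of the original guide. It assumes a Linux device or gateway running UFW; the function names, the admin address 203.0.113.10 and port 2222 are constructed for illustration, and the DNS rule on port 53 is an assumption the guide does not mention.

```shell
#!/bin/sh
# Added example: default-deny UFW policy for a Linux-based IoT device or gateway.
# 203.0.113.10 and port 2222 are constructed sample values; use your own.

# Print the ufw commands for the policy described in step 3.
# $1 = the only IP allowed to reach SSH, $2 = SSH port (defaults to 22)
iot_ufw_rules() {
    admin_ip=$1
    ssh_port=${2:-22}
    # Reject a missing or malformed address or port so a bad value can
    # never widen the inbound rule or smuggle extra words into a command.
    case $admin_ip in
        ''|*[!0-9.]*) echo "error: admin IP must be a dotted IPv4 address" >&2; return 1 ;;
    esac
    case $ssh_port in
        *[!0-9]*) echo "error: SSH port must be numeric" >&2; return 1 ;;
    esac
    # Port 53 (DNS) is an assumption: with outbound traffic denied by
    # default, the device cannot resolve hostnames without it.
    cat <<EOF
ufw default deny incoming
ufw default deny outgoing
ufw allow out to any port 53
ufw allow out to any port 80 proto tcp
ufw allow out to any port 443 proto tcp
ufw allow from $admin_ip to any port $ssh_port proto tcp
ufw --force enable
EOF
}

# Dry run by default: print the rules for review.
# Set APPLY=1 to execute them with sudo.
apply_iot_ufw_rules() {
    rules=$(iot_ufw_rules "$@") || return 1
    if [ "${APPLY:-0}" = 1 ]; then
        # $cmd is deliberately unquoted so it splits into ufw arguments.
        echo "$rules" | while IFS= read -r cmd; do sudo $cmd </dev/null; done
    else
        echo "$rules"
    fi
}

apply_iot_ufw_rules 203.0.113.10 2222
```

Review the dry-run output first, then rerun with APPLY=1 and confirm the result with `sudo ufw status verbose`.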
4. Network Segmentation
Isolate your IoT device from your main network.
- Create a Guest Network: Most routers allow you to create separate Wi-Fi networks. Use this for your IoT devices.
- Connect the IoT device to the guest network: This prevents it from accessing other devices on your home network if compromised.
5. Disable UPnP
Universal Plug and Play (UPnP) automatically opens ports, which can be a security risk.
- Access your router settings: As before.
- Find the UPnP setting: Usually under ‘Advanced Settings’ or ‘Security’.
- Disable UPnP: Turn it off completely. You should manually configure port forwarding if needed (see step 3).
6. Consider a Cyber Security Monitoring Solution
For advanced protection, look into IoT-specific cyber security solutions that can detect and alert you to suspicious activity.