New LM auto sniffing thru network - Printable Version +- Logic Machine Forum (https://forum.logicmachine.net) +-- Forum: LogicMachine eco-system (https://forum.logicmachine.net/forumdisplay.php?fid=1) +--- Forum: Gateway (https://forum.logicmachine.net/forumdisplay.php?fid=10) +--- Thread: New LM auto sniffing thru network (/showthread.php?tid=2019) Pages:
1
2
|
New LM auto sniffing thru network - Kai-Roger - 10.04.2019 Hi. There is one LM5 connected to a router. I have now connected a new LM to the same router. The new LM is set to TP-UART, but it is not connected to KNX bus. All configurations on the new one is factory set. Why is the new LM bus sniffing the KNX bus witch is purely connected to the old LM? BR Kai-Roger RE: New LM auto sniffing thru network - Daniel - 10.04.2019 LM always listen on ip even when tp is selected. Change multicast to make them invisible on ip. RE: New LM auto sniffing thru network - Kai-Roger - 10.04.2019 (10.04.2019, 22:01)Daniel. Wrote: LM always listen on ip even when tp is selected. Change multicast to make them invisible on ip. So as long as i have factory setting on the multicast, anyone who gain access to the network, can connect a LM and bus sniff out the information, and take control over the bus trafic?. I'm not sure if i like the thought of that. RE: New LM auto sniffing thru network - Erwin van der Zwart - 10.04.2019 That is how KNX is designed, you don’t need a LM to sniff and find all communications, you can do the with the ETS as well, there are even apps to scan KNX traffic. Now the protocol is moving slowly to KNX secure. Not sure if that’s what we want as it makes it less open and not easy to handle in case of a project that is not programmed by you and you don’t have a .knxproj file. Will be fun (: BR, Erwin New LM auto sniffing thru network - Kai-Roger - 11.04.2019 Yes i agree with the most of what you say, but KNX is wired and physically safe from hackers. When i use LM, anyone who hack my Wifi can get access to the bus without any username and password. That 's my concern. RE: New LM auto sniffing thru network - ferrim - 11.04.2019 (11.04.2019, 07:00)Kai-Roger Wrote: ".. but KNX is wired and physically safe from hackers." I'm not really sure about this... RE: New LM auto sniffing thru network - Daniel - 11.04.2019 This is why in LM you can enable secure communication by adding password in KNX settings. You can disable normal communication too. RE: New LM auto sniffing thru network - Kai-Roger - 11.04.2019 (11.04.2019, 07:35)ferrim Wrote:(11.04.2019, 07:00)Kai-Roger Wrote: ".. but KNX is wired and physically safe from hackers." Care to explaine why your not sure? (11.04.2019, 10:51)Daniel. Wrote: This is why in LM you can enable secure communication by adding password in KNX settings. You can disable normal communication too.Thanks. Will look into it. RE: New LM auto sniffing thru network - ferrim - 11.04.2019 Care to explaine why your not sure? Maybe we have different sensitivities on this topic but I think that considering physical connections as intrinsically safe is a mistake that can cost you a lot... BR RE: New LM auto sniffing thru network - Kai-Roger - 11.04.2019 (11.04.2019, 11:28)ferrim Wrote: Care to explaine why your not sure? What i'm talking about, is that the KNX cables that are hidden in the walls an junction boxes in a locked house is definitively a much safer case, than the possibility that someone can sit in their car out on the street and hack my bus trafic via wifi and IP gateway. I'm sure you must understand that there is a huge difference regarding the safety in this setting. Im not talking about the difference between encrypted bus trafic or not. BR RE: New LM auto sniffing thru network - ferrim - 11.04.2019 (11.04.2019, 11:38)Kay-Roger Wrote: What i'm talking about, is that the KNX cables that are hidden in the walls an junction boxes in a locked house is definitively a much safer case, than the possibility that someone can sit in their car out on the street and hack my bus trafic via wifi and IP gateway. I'm sure you must understand that there is a huge difference regarding the safety in this setting. I agree, the problem remains when we talk about very large plants where vulnerabilities are greater and the attacker can be very motivated RE: New LM auto sniffing thru network - Kai-Roger - 11.04.2019 (11.04.2019, 11:52)ferrim Wrote:(11.04.2019, 11:38)Kay-Roger Wrote: What i'm talking about, is that the KNX cables that are hidden in the walls an junction boxes in a locked house is definitively a much safer case, than the possibility that someone can sit in their car out on the street and hack my bus trafic via wifi and IP gateway. I'm sure you must understand that there is a huge difference regarding the safety in this setting. Yes in large facilities the safety measurements must be much higher. Maybe CanX with encrypted communication can be the solution in the near future (: RE: New LM auto sniffing thru network - ferrim - 11.04.2019 (11.04.2019, 12:00)Kai-Roger Wrote: Yes in large facilities the safety measurements must be much higher. Maybe CanX with encrypted communication can be the solution in the near future (: I'm really excited about the CanX evaluation kit and I'm sure it will meet expectations! RE: New LM auto sniffing thru network - Thomas - 11.04.2019 My point of view is that the lack of security is one of the biggest KNX issues nowadays. I can imagine I visit a random bathroom in KNX based building, sit on a toilet, unscrew the PIR sensor, connect my laptop to KNX wires and start sniffing packets. I can sniff less or more depending on line couplers configuration but in general there's no way how to prevent me doing it. I'm curious so my question is: Is there an alternative bus which is: - cryptographically strongly secured - Two wires based with power available in these wires - Reliable in noisy environment - Routable - Allows mixing of topology (I mean line, star etc) - Non master/slave model oriented RE: New LM auto sniffing thru network - Erwin van der Zwart - 11.04.2019 True, but i work with KNX for 30 years now and still need to see the first TP hack.. So is it a hot item? In theory: yes (but that is already 30 years the case), in practice: not so sure.. BR, Erwin RE: New LM auto sniffing thru network - Kai-Roger - 11.04.2019 (11.04.2019, 14:26)Thomas Wrote: I'm curious so my question is: Is there an alternative bus which is: Appart from the "-Two wires based with power available in these wires", isn't this the description for CanX? BR RE: New LM auto sniffing thru network - ferrim - 11.04.2019 (11.04.2019, 15:32)Erwin van der Zwart Wrote: True, but i work with KNX for 30 years now and still need to see the first TP hack.. I remember a phrase attributed to the Cisco's CEO: "There are two types of internet connected companies, those that have already suffered an intrusion and those that have not yet discovered it" I think it could also apply to KNX. Cheers, Marcello RE: New LM auto sniffing thru network - Erwin van der Zwart - 12.04.2019 Hi, This is my personal opinion and not from the company, off course is Schneider Electric implementing security where posssible, also KNX secure. In my opinion is security on the IP side a must, but implementing it on the TP side does raise some question marks if you ask me, we already see a lot older projects where the programming is not available anymore due to a lot of reasons. Reconstructing a dated site happens quite a few times, what do you think will happen when sites have knx secure? I personally think we see a lot more sites where reconstruction is needed due to lost encryption details that only the original programmer has.Devices with KNX secure that lost encryption details cannot be unlocked and need to be restored by the manufacturer. As i never seen any local TP hack, and don’t see any (financial) benefit for any hacker to spend time on it or to even try it, i have question marks if it’s worth all the risks of locked systems. But again my personal view is that the risk of someone with a laptop in the toilet connectiong to the TP is so low that does not weight up to the risks and issues when encryption details are lost.. BR, Erwin RE: New LM auto sniffing thru network - ferrim - 12.04.2019 (12.04.2019, 05:53)Erwin van der Zwart Wrote: Hi, Hi Erwin, all true, but to complicate the KNX programmers life, there's no need to bother with the encryption keys or other stuff, as long as manufacturers continue to use plug-ins for device programming and life becomes hell ;-) Ok, now I'm OT Thank you for your time and have a good day, Marcello RE: New LM auto sniffing thru network - FatMax - 12.04.2019 https://www.welivesecurity.com/2014/08/08/internet-of-things-mayham-in-200-room-hotel-hack/ |