This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm that you accept these cookies being set.

Problem with remote KNX programming on port 3671
#9
(10.11.2021, 14:12)Erwin van der Zwart Wrote: For those who have missed the news article of knx.org: https://www.knx.org/knx-en/for-professio.../index.php

What is missing in this message is what the hackers are doing at this moment, and why it is so critical to close port 3671 for public access.

Currently hackers are scanning for open ports to unprotected KNX installations and when found they scan for all the bus devices from any brand/manufacturer and delete the programming of the device, next to that they enable the BCU password on the affected devices and make it impossible to re-program the device. In theory this means the device is locked and must be replaced.

As you understand this brings high costs for labor and hardware and the original latest programming must be available. Last week there are several cases i have heared of in different countries and different product ranges/manufacturers.

This is why we keep pushing for avoiding open ports as this is a quick and dirty approach and put you and your customers at high risk for these threats.

For remote access use appropiate measurements like VPN and KNX IP secure and move away from the dangerous port forwarding method!

Confirmed..... Avoid the opening of the port 3671 on the client router. It is very dangerous.
Reply


Messages In This Thread
RE: Problem with remote KNX programming on port 3671 - by CristianAgata - 10.11.2021, 20:40

Forum Jump: