Securing the Internet of Things (IoT) has become increasingly difficult. Devices are often shipped with out-of-date operating systems and unmaintained code that is littered with vulnerabilities. To add to the frustration, traditional security tools cannot be installed on many of these devices. For many users, especially home users and SMBs, there are very few out-of-the-box solutions. Fortunately for these users, I've discussed options using open-source tools on The State of Security.
Many commercial and open-source tools are available to protect the networks that provide access to the IoT. Bro IDS, an open-source network security monitor, is an option to detect IoT traffic up to OSI layer 7. Additionally, there are free providers of threat intelligence that can integrate directly into Bro's scripting language for additional insight into malicious activities.
Having all these tools at our disposal means nothing unless we can expose the data they generate. All of the data can be collected, normalized, stored, and visualized with the open-source ELK stack. Elasticsearch, Logstash, and Kibana are a powerful suite of tools designed to expose this type of machine data. As I discussed in the Sweet Security articles earlier, there are ways we can increase the performance and make the tools more intelligent.
Knowing is half the battle, so you will want to know when new devices pop up on the network. The other half of the battle is deciding what to do with those new devices. You can integrate asset discovery with Nmap and OpenVAS to determine whether a new smart device poses any risk, something I haven't yet discussed here.
All of these tools and methodologies run on inexpensive hardware, such as the Raspberry Pi. I will provide all the scripts and configurations to get this environment up and running in hours. If you're looking for a more scalable solution, these tactics and tools can be adapted to enterprise-scale deployments as well.
I have been invited to speak at B Sides SF on the topics discussed around my Sweet Security articles. I look forward to sharing my research and having an open discussion around how we can secure these networks in the future.
When: Monday, February 29 at 10:00 AM
Where: Track 1 Main Room - DNA Lounge - 375 11th St San Francisco, CA 94103
Title image courtesy of ShutterStock