Texecom Com-Ip Security

[popjon]

A researcher (not CG) has published this on the security of the com-ip: http://www.lucalo.net/2015/12/30/security-alarm-and-iot/

Personally I'd that it meets the requirements of grade 2 - but not grade 3. I was a little surprised to see how the 'encrypted' password works though. That's potentially worse than the CSL homebrew effort - at least their decryption algorithm was closed shop.

I've never used a Texecom panel. I was under the impression that Texecom brokered the connections between the com-ip and the app via their servers, thereby avoiding the need to open and forward router ports. This would explain the downtime that people have complained about on other forums. Is this not the case?

[MrHappy]

Luca, I think texecom transmitting in clear has been mentioned before?

 

I assume the encrypted udl code can be de encrypted via powershell ?

 

What banner text does the com-ip broadcast to find it the popular search engine, I can see a no. of "automated tank guage"  it default port but nothing I would think is a com-ip ?

[GalaxyGuy]

Yes, this has been discussed and is well known.

I think we are all in agreement that VPN access using the likes of Open VPN with regular updates is the way to go. Trouble with it is that the router needs to support it and it's much easier to pop open an insecure port on most routers...

[Wyatthaplo]

Interesting read. Company I work for now has all our systems on Com-Ip with port forwarding. I've never agreed with it for many reasons this just adds to my thinking that remote access is not necessarily a good thing.