popjon Posted January 1, 2016 Posted January 1, 2016 A researcher (not CG) has published this on the security of the com-ip: http://www.lucalo.net/2015/12/30/security-alarm-and-iot/ Personally I'd that it meets the requirements of grade 2 - but not grade 3. I was a little surprised to see how the 'encrypted' password works though. That's potentially worse than the CSL homebrew effort - at least their decryption algorithm was closed shop. I've never used a Texecom panel. I was under the impression that Texecom brokered the connections between the com-ip and the app via their servers, thereby avoiding the need to open and forward router ports. This would explain the downtime that people have complained about on other forums. Is this not the case? Quote
MrHappy Posted January 1, 2016 Posted January 1, 2016 Luca, I think texecom transmitting in clear has been mentioned before? I assume the encrypted udl code can be de encrypted via powershell ? What banner text does the com-ip broadcast to find it the popular search engine, I can see a no. of "automated tank guage" it default port but nothing I would think is a com-ip ? Quote Mr Veritas God
GalaxyGuy Posted January 1, 2016 Posted January 1, 2016 Yes, this has been discussed and is well known. I think we are all in agreement that VPN access using the likes of Open VPN with regular updates is the way to go. Trouble with it is that the router needs to support it and it's much easier to pop open an insecure port on most routers... Quote
Wyatthaplo Posted January 22, 2016 Posted January 22, 2016 Interesting read. Company I work for now has all our systems on Com-Ip with port forwarding. I've never agreed with it for many reasons this just adds to my thinking that remote access is not necessarily a good thing. Quote Work Website: http://www.welch-group.co.uk/ Personal Blog: http://wyatthaplo.blogspot.com/
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.