Announcement

Collapse
No announcement yet.

How safe do you feel?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    How safe do you feel?

    I got a strange feeling when I created an IFTTT recipe to open my garage doors. How secure is it to have your whole house (or portions thereof such as door locks, alarm systems, etc) exposed with several outside servers. There is Myhomeseer, Amazon Echo, IFTTT, others that in my mind present an exposure. Would like to hear some comments from other. Why shouldn't we be worried? Understand the a hacker would need to put the ID together with an residence address to take damaging action (in most cases).
    Last edited by basshook; May 28, 2016, 02:37 PM.

    #2
    How safe do you feel?

    Personally I used to have the same concerns. I just added a door lock within the last 6 months. Being residential, I have to keep telling myself, keep network secure and that's about the best you can do. Most people that would break in probably are not going to try to hack my house, and will probably still use the most easiest way to get into a house. A rock thru a window. I have a security system and two hungry dogs. I am not as concerned anymore.

    I also live by the motto that locks are only for honest people.

    Comment


      #3
      If you are worried about it, set HS up to notify you anytime something "critical" happens. That way you'll know right away if someone is opening garage doors, etc.

      Cheers
      Al
      HS 3.0.0.548: 1990 Devices 1172 Events
      Z-Wave 3.0.1.262: 126 Nodes on one Z-Net

      Comment


        #4
        Originally posted by waynehead99 View Post
        I also live by the motto that locks are only for honest people.
        My uncle was fond of nearly the same line. When I was a very young boy my dad and I visited his repair "shop", which was one of several areas that had been carved out of a public space. There was a hinged wood panel that came down to close off the counter area, and a small padlock to secure it. When my dad asked him if the lock was good enough, he responded, "Well, it keeps the honest people out."

        I've always assumed that someone determined to break in will do so, and the counter measures necessary to repel them are likely to be a bigger aggravation to me than they are worth. On the other hand, I do not consider locks that require a physical key and a garage door that requires me to push a button to open it are too much aggravation. Besides, they just may increase the incentive for someone looking for a target to look somewhere else. As the saying goes, You don't need to outrun the bear, just don't be the slowest one running away.
        Mike____________________________________________________________ __________________
        HS3 Pro Edition 3.0.0.548, NUC i3

        HW: Stargate | NX8e | CAV6.6 | Squeezebox | PCS | WGL 800RF | RFXCOM | Vantage Pro | Green-Eye | Edgeport/8 | Way2Call | Ecobee3 | EtherRain | Ubiquiti

        Comment


          #5
          Here in Nova Scotia we don't need to lock our doors.
          Real courage is not securing your Wi-Fi network.

          Comment


            #6
            Originally posted by Wadenut View Post
            Here in Nova Scotia we don't need to lock our doors.
            Except Dartmouth?
            HS 3.0.0.548: 1990 Devices 1172 Events
            Z-Wave 3.0.1.262: 126 Nodes on one Z-Net

            Comment


              #7
              I didn't know igloos had doors.

              Comment


                #8
                Originally posted by Wadenut View Post
                Here in Nova Scotia we don't need to lock our doors.
                Originally posted by mikaluch View Post
                I didn't know igloos had doors.
                The door is a block of ice
                HS 3.0.0.548: 1990 Devices 1172 Events
                Z-Wave 3.0.1.262: 126 Nodes on one Z-Net

                Comment


                  #9
                  Originally posted by Wadenut View Post
                  Here in Nova Scotia we don't need to lock our doors.
                  Yeah. In the sleepy hamlet full of hippies and academics where I live locking doors is not really an issue. I have HS lock my doors all the time though.... just because I can. I never locked my door once before I got a Z-Wave lock.
                  Originally posted by rprade
                  There is no rhyme or reason to the anarchy a defective Z-Wave device can cause

                  Comment


                    #10
                    Originally posted by sparkman View Post
                    Except Dartmouth?
                    Halifax/Dartmouth are in a world of their own. I don't think locking anything there helps.



                    Originally posted by mikaluch View Post
                    I didn't know igloos had doors.
                    Well. there is that.
                    Real courage is not securing your Wi-Fi network.

                    Comment


                      #11
                      I agree that someone that REALLY wants to get in, will.
                      Be that as it may, my system is locked up behind a VPN. I ONLY have access when connected through the VPN or on my local network. To the best that it can be - as Mike alluded to - without being so secure that it is a pain to use.

                      For any remote access that I need, I use AutoRemote (started to use that Before the Tasker plugin and was too far down the rabbit hole to start over). What's great is there are no open ports. The PC makes a secure connection to Google, my phone does the same. Messages pass through there. Since I have the VPN access, I don't even bother opening ports any longer. Even my travel router I use can gain access to it's OWN VPN network - which then has rules to allow my nearly "local" access while traveling. Best part is, with AutoRemote and SSH access to my PFSense instance, I just ping it that I want access, I get a message back with the IP du jour (thank you cable company). In the time it takes for me to get that IP in the client, EventGhost opens up the VPN port (something up above 19,000...I think? I honestly don't remember). I access. When done, I send another AutoRemote message and it gets closed. My backup is a FreedomPop cellphone. Same thing, but it has it's OWN internet and I can send SMS to it to gain access if there is some issue with my EventGhost setup. Best part about the cellphone, with Freedom Pop, since it is a basic service phone, I bought the phone for $50 or something. I get 200 voice minutes, 500 text messages and 500MB of data for free every month. I only bought the phone (and that was on a sale!).

                      Now you might be thinking, "he's nuts"...maybe, but the last 6+ months when I was not on here, I Homeseer was stable. So, I set out upgrading my server and everything else to be totally virtualized using ESXi. Best move I EVER made. Now my router is a virtual machine of PFSense. Give that OS the power of a 8 core (plus HT) Xeon Server and it is AMAZING what you can do. Add in Snort or other intrusion type things, stick in VLAN coupling with a Netgear ProSafe switch (supports VLAN), toss in 1 WLAN PCIe NIC and you will be rather amazed what you can do with your network! Below I mention gateway, I have two internets. DSL and CABLE. Bound them together with rules. Really cool stuff. I also have a second network just for my work stuff (don't need the IS department snooping on my home network!).

                      Anyway, here's my wireless setup, so you can confirm my craziness:
                      Anything on my WLAN is not allowed to access that machine. There is 1 WLAN that does have access, but the wireless transmit power is weak, authentication security is high and really is setup so that I can access that machine for maintenance from my house only. From what I've tested, with the antenna for that in the basement and as weak as the signal is, I can barely connect when outside the house. Signal is REALLY weak. If you are ABOVE it - inside the house, it seems to work good enough that I do not have to get on a PC with wire just to mess with it. Besides, if I really need something I have a Pixel C now - just hook in the wired ethernet and away I go!

                      This is done on purpose to reduce the chance of someone entering my network and gaining access - more so as an annoyance since a malevolent person can spoof, or clone, or whatever to gain access to wireless. I feel that anyone that IS going to gain access will - but then again, there are probably other reasons that this person is THAT intent on causing me harm. I live in a subdivision and with my wifi sniffer, I can see close to 30 networks from my house. I'm taking "the club" [ h t t p ://winner-intl.com/ ] approach. If someone were to be out there trying to access...I just made it hard enough that someone would probably call the police on a suspicious car sitting there. State Trooper across the street and being on a culdesac..we do not get people that have no intent on visiting.

                      My network is just more difficult than most, dare I say everyone in my neighborhood. I have also left a network mildly difficult to gain access that should lure someone into there. The rules of PFSense allow me to grant certain access, which basically is:
                      *once someone is on that network, it allows 500KB of data through my gateway on web ports, blocks pinging the network with 0 dropped packets.
                      *all other packets are blocked/dropped as needed
                      *This SHOULD give the illusion that one has gained access but there are no PCs on the network at this time. Only the internet. So...move along...nothing to see here. Kind of like a honey pot in a way. When the internet finally drops out (500KB burns fast on our media rich environments of today) the idea would be ehh...better things to do with my time than try to work on this network...again...move along...nothing to see here.

                      My last issue that I've not been able to crack at this time, the VPN I have ONLY works on 1 gateway at a time. I have NOT been able to get it to work from the BOUND gateway. I've followed a few guides...luckily I have the virtual machines. I had to revert each attempt so far. The worst one locked me out of the ESXi instance so well that I had to actually log in using a <shudder> physical keyboard AT the server! Well, revert and all was well again. I know, well more believe that it can do this...there are quite a few guides out there...but I just have not found the right one that has the RIGHT steps for the specific settings that my PFSense instance has.

                      It's also one reason I use the VPN through my travel router when traveling. Any of my personal stuff tunnels out over the VPN and I look like I am surfing from my house (with highly restrictive rules of course since this is not as trusted as if I were at my house). Mostly helps me when I'm in countries that begin with CHange and ends with tINA or begins with INdigo and ends with DIAphram - countries that have restrictive internet (no Netflix while traveling...WHAA?).

                      The router of course also protects me from network snooping as I was behind my travel router's firewall (which has NO ports open). I was able to see my coworker's shared files over the hotel wifi...I realize that this wifi is not as secure as my home, but better than nothing. Also using that router with a second travel router lets me connect to wired or wireless hotel networks WHILE having my OWN WLAN/LAN so I can actually use my Chromecast while traveling. VERY nice.

                      Sorry that got long, but you asked the right question that basically summed up one major thing I had been working on for 3 of the past 6 months. It was a long and difficult journey, but now that I am here, it was worth EVERY effort that I put into it.

                      --Dan
                      Tasker, to a person who does Homeautomation...is like walking up to a Crack Treatment facility with a truck full of 3lb bags of crack. Then for each person that walks in and out smack them in the face with an open bag.

                      Comment


                        #12
                        Last night my PFSense power brick blew up (literally melted) and trashed the BSD hard drive on it's way out.

                        I tried a repair and it didn't work restoring my configuration so I built it from scratch.
                        - Pete

                        Auto mator
                        Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb- Mono 6.12.X - HSTouch on Intel tabletop tablets
                        Homeseer Zee2 (Lite) - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro - Mono 6.12.X
                        HS4 Pro - V4.1.17.0 - Ubuntu 20.01/VB W7e 64 bit Intel Kaby Lake CPU - 32Gb - Mono
                        6.12.0.122
                        HS4 Lite -

                        X10, UPB, Zigbee, ZWave and Wifi MQTT automation-Tasmota-Espurna. OmniPro 2, Russound zoned audio, Smartthings hub, Hubitat Hub, and Home Assistant

                        Comment


                          #13
                          Originally posted by Pete View Post
                          Last night my PFSense power brick blew up (literally melted) and trashed the BSD hard drive on it's way out.

                          I tried a repair and it didn't work restoring my configuration so I built it from scratch.


                          That brings a whole other bag of worms on how safe you feel with all this electrical stuff we add. It's a concern in the back of my head all the time. Especially dimmers and switches.

                          Comment


                            #14
                            I had a fluke electrical thing a few years back that took out 90% of my Insteon switches.

                            I have a commercial style TVSS next to the panel. This device has alarm panel connections (a bit overkill; but a great deal on the purchase).



                            The outdoor AC condensor contactor shorted out, back feeding 220VAC to the house electric. Mostly the circuit breakers kicked on (except for a couple of them).

                            The outdoor HVAC unit did catch fire and melted the freon lines releasing all of the freon. I installed another surge protector outside next to the HVAC compressor last year (or year before).



                            This all happened on a very warm and muggy nigh (and it was raining).

                            That ended my Insteon use and I finished migrating to UPB.

                            I have had one Z-Wave switch do a flash a burn behind the family room coach once. (only one to date).
                            Last edited by Pete; June 2, 2016, 06:12 PM.
                            - Pete

                            Auto mator
                            Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb- Mono 6.12.X - HSTouch on Intel tabletop tablets
                            Homeseer Zee2 (Lite) - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro - Mono 6.12.X
                            HS4 Pro - V4.1.17.0 - Ubuntu 20.01/VB W7e 64 bit Intel Kaby Lake CPU - 32Gb - Mono
                            6.12.0.122
                            HS4 Lite -

                            X10, UPB, Zigbee, ZWave and Wifi MQTT automation-Tasmota-Espurna. OmniPro 2, Russound zoned audio, Smartthings hub, Hubitat Hub, and Home Assistant

                            Comment


                              #15
                              where i live and the type of house i live in, im not worried about someone hacking my system to open the doors.

                              they are more likely to kick in the door and just go with that.

                              now the electric stuff melting into slag and causing a fire is a concern.
                              HS3 Pro on Windows 8 64bit
                              53 Z-wave nodes(46 devices, 7 remotes), 15 DS10a's, 10 ms16a's, 9 Oregon Sensors, W800, RFXCOMtrx433, Way2Call, 3 HSTouch Clients, 2xRussound CAS44, Global Cache GC100-12,10 Rollertrol blinds(+ zwave) ,3 Squeezebox Radios and 1 Squeezebox Boom,DMX Arduino via ethernet,Rain8Net,3x Echo Dot's


                              Check out my electronics blog here:
                              https://www.facebook.com/RaptorsIrrationalInventions

                              Comment

                              Working...
                              X