Security warning for users of Android devices

Yet another reason to be careful about "Internet of Things" devices.

It looks like it'd be a good idea to blackhole several of these command and control DNS names, and do some packet sniffing to see if any devices on your network are reaching out or doing anything suspicious.

EDIT: Was asked to provide more specific mitigation techniques that OpenWrt enables for you. Consider some of the following ideas:

  1. Putting Internet of Things devices on a separate VLAN, a little like the concept of a DMZ
  2. Consider preventing devices on your separate VLAN from exceeding some upload speed such as say 1/4 of your upload capacity. This can be done with SQM by configuring the "download" speed of the wifi device they are connected to.[]=sqm
  3. Consider installing Adblock and looking for a list which blocks DNS lookups of known "command and control" servers
  4. Consider doing bandwidth monitoring so you could detect if you are part of a botnet spamming upload bandwidth towards distributed denial of service targets:[]=bandwidth&s[]=monitoring

I'm not familiar with the different bandwidth monitoring solutions but perhaps others can suggest which ones are low-overhead and appropriate for such usage.


AI+ Malware around any device = Skynet from Cyberdyne Systems Corporation is comming.

1 Like

At this point, most proprietary software qualifies as malware.


I've added a few mitigation strategies to the original post so that people can become familiar with some ideas that OpenWrt enables which can improve their overall network security. Anyone who has experience with some of those and can provide more specific suggestions, particularly about the suitability of some of the competing packages feel free to chime in.


printer malware made by the same company that sold you your printer !!!!


I blocked my wife's HP printer from internet access over a year ago. Good thing I did...


̶J̶u̶s̶t̶ ̶d̶o̶n̶'̶t̶ ̶w̶a̶t̶c̶h̶ ̶T̶V̶.̶ ̶ ̶D̶u̶h̶?̶

Rejoice friends and behold!

A post was split to a new topic: Questions about how to use OpenWrt to impove network security and prevent malware