Is my IoT Network being hacked?
randye007
Member Posts: 10
✭
Hi,
I use a Ubiquiti Edge Router X to segregate 3 networks in my home.
Here's the issue. I have a Raspberry Pi 4 in my IoT network which communicates with all the IoT devices. I have it assigned a static IP address. However, on a random basis, the rPi disconnects and reconnects to an available IP address presumably via the DHCP server. When I reboot the rPi, it starts off assigned the static IP, but then eventually, usually within the hour it disconnects and reconnects with an available IP address. There doesn't appear to be any pattern to when it disconnects. Is it possible one or more of my IoT devices has been compromised and is being used to attack the rPi? If so, how can I be sure? Is there such an attack that forces a device to disconnect and change IP addresses? Why didn't the router force the rPi to reconnect to its assigned static IP?
I was able to fix the issue by moving the rPi into my private network and assign it a static IP address. It has been stable ever since. But, it doesn't answer my questions regarding if my IoT network has been hacked.
For peace of mind, I will change the passwords of all the IoT devices in the IoT network.
I have a 2 Fingboxes ... one monitoring my private network and one monitoring my IoT network. New devices are set to be blocked upon entry. The Fingboxes have not detected any suspicious activity, but if the infiltrator is using an existing IoT device, I guess Fingbox wouldn't detect anything wrong.
Thanks for your feedback.
Cheers,
Randy
I use a Ubiquiti Edge Router X to segregate 3 networks in my home.
- IoT network isolated - internet access only
- WiFi Guest network isolated - internet access only
- Private network - all access
Here's the issue. I have a Raspberry Pi 4 in my IoT network which communicates with all the IoT devices. I have it assigned a static IP address. However, on a random basis, the rPi disconnects and reconnects to an available IP address presumably via the DHCP server. When I reboot the rPi, it starts off assigned the static IP, but then eventually, usually within the hour it disconnects and reconnects with an available IP address. There doesn't appear to be any pattern to when it disconnects. Is it possible one or more of my IoT devices has been compromised and is being used to attack the rPi? If so, how can I be sure? Is there such an attack that forces a device to disconnect and change IP addresses? Why didn't the router force the rPi to reconnect to its assigned static IP?
I was able to fix the issue by moving the rPi into my private network and assign it a static IP address. It has been stable ever since. But, it doesn't answer my questions regarding if my IoT network has been hacked.
For peace of mind, I will change the passwords of all the IoT devices in the IoT network.
I have a 2 Fingboxes ... one monitoring my private network and one monitoring my IoT network. New devices are set to be blocked upon entry. The Fingboxes have not detected any suspicious activity, but if the infiltrator is using an existing IoT device, I guess Fingbox wouldn't detect anything wrong.
Thanks for your feedback.
Cheers,
Randy
0
Answers
-
Robin (Admin at Fing)
Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!0
Categories
- 5.8K All Categories
- 2.8K Ask about Connected Technology
- How To...
- 1.1K Devices & Security
- 1.6K Network Troubleshooting & Connectivity
- 114 General Discussion, Weird & Wonderful
- 45 Network Infrastructure
- 5.4K Ask about Fing
- 545 Fing Account Change Request
- 1.1K Fing Desktop
- 1.4K Fing App
- 1.7K Fingbox
- 534 Announcements, Beta Testing & Release Notes
- 158 Community Updates
- 29 Getting started
- 13 Community User Guides