Skip to content
This repository has been archived by the owner on Sep 16, 2022. It is now read-only.
Viktor Petersson edited this page May 21, 2019 · 1 revision

No firewall

  • Install Rasbian
  • Install WoTT Agent
  • Claim device
  • Show trust score
  • See vulnerabilities in dashboard
    • No firewall
    • Default credentials
  • Display recommended actions
    • No firewall enabled
    • Default credentials found
  • Fix firewall and default credentials
  • See status reflected and an updated trust score

Blocked by:

Remotely block an open port

  • Install Raspbian
  • Install telnet
  • Install the WoTT agent and claim the device
  • View the trust score and open port
  • Block the open port using the web interface

Remove hard coded credentials

  • Deploy a sample app with some API key
  • Walk the user through the scenario and the problem w/ rotating said key
  • Install the WoTT agent and update the code to read the key from the agent

Blocked by:

Device compromised

  • Install Raspberry Pi w/ WoTT agent
  • Install Falco
  • Enroll the device in the dashboard
  • View the status
  • Launch Falco's "event-generator" on the device to simulate an attack
  • Display the logs popping up in the dashboard

Blocked by:

Google Core IoT

Blocked by:

  • API keys (or client cert) and script or
  • Native Google integration
Clone this wiki locally