F-4Phantom
Occasional Visitor
I have a thermostat that is one of the notorious ones for getting hacked. The OEM completely stopped all support for it. It's a $700 thermostat, and I like it better than any other one on the market.
Unfortunately it constantly gets infected with malware and turned into part of a botnet. I've been able to temporarily overcome that in the past by flashing new firmware updates. But there are no further updates, and there is zero access to the low-level OS (Android). There is no option for factory reset. And even if there was, the OEM has it locked such that I'd have to call an HVAC company to come out and re-program it for my specific air handler and outdoor units.
I noticed it was sending 30+MB of traffic per day, so I've banned it from the router.
I'm wondering if I can use Skynet to specifically lock it down and blacklist all inbound and outbound traffic to that specific client, and then whitelist only the few IP's or domains that may be needed to restore normal connectivity. I can assign it a static IP if needed.
Is this feasible using Skynet and its logging? That seems like a better option that having to go through all the trouble to get Wireshark up and working and try tracing all the packets.
Unfortunately it constantly gets infected with malware and turned into part of a botnet. I've been able to temporarily overcome that in the past by flashing new firmware updates. But there are no further updates, and there is zero access to the low-level OS (Android). There is no option for factory reset. And even if there was, the OEM has it locked such that I'd have to call an HVAC company to come out and re-program it for my specific air handler and outdoor units.
I noticed it was sending 30+MB of traffic per day, so I've banned it from the router.
I'm wondering if I can use Skynet to specifically lock it down and blacklist all inbound and outbound traffic to that specific client, and then whitelist only the few IP's or domains that may be needed to restore normal connectivity. I can assign it a static IP if needed.
Is this feasible using Skynet and its logging? That seems like a better option that having to go through all the trouble to get Wireshark up and working and try tracing all the packets.