Is security and authentication of XAP nodes important?

1 reply [Last post]
rwillett
Offline
United Kingdom
Joined: 13 Apr 2012

Hi,

I was working through some ideas about connecting different types of nodes together via XAP. I looked at the specification for XAP and realised that the concept of authentication of nodes didn't seem to exist.

As far as I can see nodes exist on a network and there is nothing to stop another 'rogue' node being introduced and causing mayhem, havoc or damage. e.g. they could switch lights on and off, send SMS's and generally make life a pain.

The spec for XAP appears to go back to 2002 when people were possibly more benign, fast forward to 2012 and I would say that my assumption now is that any network will be hacked into just for the hell of it. Turning your lights on and off could be amusing for a script kiddie. The fact that most script kiddies don't know XAP is not a solution, Ignorance and obfuscation are not adequate defences against intrustion. 

Has anyone given any thought to this? Have I misssed something in my reading of the protocols? 

The hacked Livebox supports SSH and SCP (AFAIK) so we have part of the security equation. I haven't looked more closely at the components that make up the Livebox firmware changes to see if they could assist node authentication. Somebody with more experience can comment on this.

The reason I ask is that I'm looking at connecting things that have value into the network and authenticating that a node is what is says it is is important, spoofing looks easy, so how can we tell when we have a rogue element in our network?

Thoughts and arguments welcomed.

Rob

kevin9
Offline
Lincolnshire, United Kingdom
Joined: 24 May 2010
xAP is a UDP based protocol

xAP is a UDP based protocol and  is designed primarily for your local LAN. It inherently has no security. The security of your LAN, either by firewall, Wireless security setup or by physical security is outside of the scope of the specification and is the responsibility of the network administrator or for a home LAN. the primary user.

While I am sure people here (HAH users) may be interested in this subject, surely the place to discuss this would be on the general purpose xAP forum at

Automated home http://www.automatedhome.co.uk/vbulletin/forumdisplay.php?f=15

or the xAP user group on Yahoo http://tech.groups.yahoo.com/group/xap_automation/

HTH

kevinT

 

Hardware Info