PSA for you guys
I've been playing with new Home Automation software lately, and stumbled on this thread yesterday
https://community.home-assistant.io/t/home-assistant-security-concern/57914
Some HA users were hacked because they had open (forwarded) ports so they could access HA when away from home.
Its a long thread, but if you read the beginning you'll get the point of what happened.
I think they eventually figured out there was a security flaw in HA, which coupled with an open port, and a default samba configuration that allows guests (no password needed), well it was like leaving your front door open.
Guys were able to hack into a network without any passwords.
So my PSA to turn off all port forwarding.
I found an android app call RouterCheck. It found I had an open port because I had enabled FTP in my router, not because I had forwarded any ports. So I was quickly able to fix this using this app.
Randy
