Setting up vulnerability

Topic

New Reply

So my main television died this week. We got a replacement one and then spent several hours and getting it set up just the way we wanted it. As I was
[See the full post at: Setting up vulnerability]

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

lmacri

Reply | Quote

Replies

Nmap with the ZenMap GUI is a good tool for evaluating individual devices.

https://nmap.org/download.html#windows

We have an LG Smart TV that runs WebOS, and our version is not on the list of vulnerable versions.

Router firewall zones are configured by network type, and traffic rules by network, port, and device.

Additionally, the TV is on a Guest Network with client isolation turned on, so it can only talk to the Internet…no other devices on its network, or any of our other devices on other networks.

We treat it like any other IoT device.

One thing about GRC’s Shields Up results…

“Stealth” simply means (to GRC) that there was no response to an ICMP ping.

End users frequently turn it off on single stack IPv4 connections, but IPv6 needs ICMP ping enabled.

So folks may be wondering why they’re getting “Closed” instead of “Stealth”, when testing with IPv6.

 

 

 

2 users thanked author for this post.

windbg, Bob99

Reply | Quote

Or is it that they didn’t have the various models to test?

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

OldGuyForum wrote:

One thing about GRC’s Shields Up results… “Stealth” simply means (to GRC) that there was no response to an ICMP ping. End users frequently turn it off on single stack IPv4 connections, but IPv6 needs ICMP ping enabled. So folks may be wondering why they’re getting “Closed” instead of “Stealth”, when testing with IPv6.

Now that you’ve mentioned it here for everyone’s knowledge (seriously, TYVM), I suppose it might be a good idea to mention it on Steve Gibson’s web forums as well, so he might be able to add a note about it to the Shields UP! page, which currently has not even a mention about IPv6!

https://forums.grc.com/forums/security/

Reply | Quote

For those who like reading about tech complications and the human angle to it, I can warmly recommend this guy’s posts:

https://autosaveisforwimps.substack.com/

Quote:
Alistair Dabbs is a freelance technology tart, juggling tech journalism, training and digital publishing.

May contain NUTS and related stuff NSFW.

Reply | Quote

Only use the TV as a monitor.  Windows PC as HTPC via an AVC to do most of the work.  It does have Chromecast which I experimented with but don’t need.

1 user thanked author for this post.

Cybertooth

Reply | Quote

Susan Bradley wrote:

Or is it that they didn’t have the various models to test?

Can’t speak to that.

However, our WebOS version is currently up to date.

So worst case, if the LG Smart TV were somehow “compromised”, we would do a factory reset…

https://www.lg.com/us/support/help-library/lg-tv-how-to-reset-my-lg-smart-tv–1441914092672

…take it offline, and look for the hole.

Nmap (mentioned above) port scan doesn’t show any concerns.

However, since there is no “LG Defender” running, I wouldn’t plug any unchecked USB device (i.e. additional storage) in to the TV.

 

 

Reply | Quote

I have an old computer running Windows 10 on my living room computer. The TV is an external monitor on the computer. I have a wireless mouse and keyboard on my coffee table. Connects wirelessly for now, until one of these days when I wire my house with CAT6.

Works very well.

I turned off wifi connectivity on the TV. I prefer to use a computer for the video streaming, because it is easier to secure a computer than a TV.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote