I got hacked

This is nearly the same as moving the jewelry, but leaving the window to your house open.

Update: because your dog was barking.

2 Likes

Ha good one, but I donā€™t quite get it. Are you saying it wasnā€™t hass or the lack of securing my system. If there are open ports on my firewall that IS my fault and I need to fix it. Unplugging my exploited Hass instance is a stop gap measure. Either way it is fairly targeted. While this was hack was occuring I looked at hass and it was using the tts component to send this message to my tv. Why someone would send that particular message is beyond me

Read some posts ago.

My mqtt ports are not forwarded to the internet. The samba was not forwarded as well however unsecured

Ok someone smack me upside the head, virtually of course. I had port 8123 forwarded to my static IP of the Hass box. This was setup before because I had ask with regular home assistant. That SD card shit the bed so I decided to go with Hass. Totally forgot, gladly they were white hat. At least I hope so. I am in the process of wiping all my devices and starting with new passwords. Second factor authentication on phone as well

This is part of purpose to factory reset and/or reinstall OS.

Quite often we forget things done in past. This is best way to wipe away any past configuration that may cause current issue.

That and someone logged onto your system and who knows what they installed and hide that you not foundā€¦start from scratch else this may happen again

You forgot to add the bit where you did not have an api password set as just having the port forwarded wonā€™t get you hackedā€¦

Yep, it was wide open. Itā€™s still a hack. Just a zero skill one. Even if I leave my front door of the house open someone has to choose to walk in. Me personally even if I did stumble across someoneā€™s network I would at most Snoop. But not alter or change stuff to make their life more difficult. That is the ā€œhackā€ I was referring to. The funny thing is they got me looking here on the Hass fourm due to the content of the message.So I do owe them that, it is quite possibly a fourm member. Thanks if your reading this, for not opening my garage door or something. Although the tv volume at 99 was pretty bad. Scared the shit outta me and the wife.
Right now my router has 8123 not forwarded. Iā€™ve got samba on with ssl: true guest:false and a user name and password. It seemed windows was being a bitch about letting me into the share until I put a different user name in other than admin idk why. Soon I will put it on letā€™s encrypt and duck dns. Maybe even use the secrets

well i have been reading this from day 1

I canā€™t get my head round why anyone would open there automation to the outside would

to me its like leaving the front door open/unlock and going to work.
i canā€™t blame the builder of my house if something go missing.

I use HA to do thing for the family base on when we at home

That my 5 cent worth

the major reason i tried to get it all open was for automation related to device tracking. never really worked well anyway.

If you mean ā€œwho would like to be able to control their house from outsideā€ then that would be me.

2 Likes

ok, for newbies in security just one more time everything together
I have samba, guest mode, no pass. actually, most of the time it is off. Duckdns and port mapping (443 - 8123). In firewall settings on router I had to open all ports to get remote access.
thatā€™s probably it, passwords are ok
after reading this I changed guest mod and put password to samba. Is it fine?

Did you open port 443 AND 8123, or 443 TO 8123?
Is your Home Assistant frontend password protected?

I dont see a problem as long as you just had 443 and 8123 open, and password protection on the fronend.

I can not open just one port. Only can: open all; open 1025-65535 ports; or close all
HA frontend is protected by pretty long password.
Is it critical to have just 443 open? im my router support I was told that it is impossible(to open only one port), just the way that i have described earlier.

Perfect example of how people get ā€˜hackedā€™. No Idea what theyā€™re doing but external control seems to be more important as understanding the risks of opening ports.

1 Like

Itā€™s called: learning. Especially, when there are tons of guides, where you can get the instruction how to get remote access, no one was talking about safety. But itā€™s great, that you are advanced. Maybe you can give me the links with safe alternatives? Itā€™s not cool to loose remote access and google assistant and smth else.

I would suggest a better router that allows proper port forwarding.

6 Likes

I would like to see what type of router only allows these options. I have NEVER seen such a thing. Are you sure you arenā€™t misunderstanding the terminology?

2 Likes

i second what @flamingm0e says.
i cant imagine a router that allows you to open all ports, but not a single port.
a router like that wouldnt even be worth 1 buck.

2 Likes

I hope I am wrong. Here is it. I will translate for you.
ā€œClosed all income ports (1-65535) by TCP protocol.ā€


ā€œClosed ports (1-1024) except 21, 22, 25, 110. open ports are 1025 - 65535.ā€


443 is open only in first one, where all ports are ā€œopenā€.
I talked to support a lot, they can not open just one port, all that can be done - settings which I shown.
I would love to be wrong, but when I closed all ports again - I lost remote access and google assistant.
P.S. port mapping is always ok, here is it.

P.P.S. I am using ā€œbeeline smart boxā€. It is one of the biggest providers in Russia. Now I am looking for router which would be fine for my purposes.