Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.
Request a bit of help getting a Modbus TCP write working correctly
-
@kawarau said:
I may still try and leave password protection in place where I can as having an open connection that someone can use to open a site mains breaker makes me more than a little uncomfortable.
Security by obscurity is fine till someone figures it out and I'm sure there is someone out there at the moment researching these types of vulnerabilities, and it probably can't be too hard to write a script to ping port 502 around the place and fiddle with the addresses you get replies from.Have you considered changing your Modbus TCP server port from 502 to something non-standard? If you are accessing it behind a router you can usually set up a Dst-NAT rule for port forwarding which means you don't even need to touch the ComAp.
We use a VPN for all our remote sites and all the SIMS get IPs that are behind carrier-grade NAT. So devices are only reachable from inside our network. You can also get M2M SIMs (via M2MOne in Australia) that are provisioned with a private APN that automatically joins the modem to a VPN at the carrier level, no VPN client or router required :D
-
How did you go Ian?
