CUJO for IOT

[gunner2510]

Has anyone used the CUJO device to protect their home IOT devices and have you seen any potential attack that make you glad you bought it?

Edited October 27, 2016 by digininja
Removed link, looks to much like product advertising

[digininja]

Looks like snake oil to me

[gh0ulfr]

Just secure your router,, i.e if your routers logins are set to default(admin/admin) no "CUJO" device would help....

before buying any "cujo" make sure your devices are well configured.

[Decoy]

Packet Fence is decent. It's open source, and uses Nessus frequently to monitor devices connected to your network. I set up mine on a Raspberry Pi.

[digininja]

You pay for a Nessus licence to run on a RPi at home?

[Decoy]

It's not the full suite of tools, it's just a scanner object that works with PacketFence. You don't need to pay for a license. Alternatively you can use OpenVAS with it if you're so inclined.

[digininja]

Unless you are using an ancient version from before they went closed source you have to have either a trial licence which only runs for 7 days or a pro licence that costs around £900.

[Decoy]

Damn, that's hefty. I suppose you'd have to use OpenVAS then. I still get updates to my Nessus vulnerability database I think. The PacketFence website doesn't indicate any additional licensing either. Either way that's too bad as Nessus is pretty good. I've used OpenVAS in the past as well when I do network audits, and as far as I know that's still free.

[Decoy]

I still see the Nessus module on GitHub too. Now you've got me curious. I'll get back to you once I find out more. PacketFence is still good in my opinion though, just to follow up on my original point. I'm not totally familiar with Cujo.

Edited November 13, 2016 by Decoy

[digininja]

Openvas is free but has a poor reputation compared to Nessus.

Check the plugin but I'll bet it has to tie into a licenced version.

[Dec100]

I think there is still a free home version of Nessus (limited to scanning 16 IPs), but I have no idea what features it still allows.

https://www.tenable.com/products/nessus-home

[digininja]

Wish they would stay consistent with their offerings. That used to be there but then disappeared for a while and all you could get was the trail version of pro which was knobbled in various ways over various releases, the current way is that it is capped at a max of 7 days.

If this works as it sounds then it would be good for scanning your home network.

[Dec100]

Yeah, a lot of companies seem to frequently mess about with or hide the free offerings these days. I guess it's to maximise their sales and cut down on commercial companies using them, but it gets frustrating. Presumably, the whole point of free offerings is to give something back to the community and build a fan base among future professionals, so there's an important ease-of-use balance there somewhere.

Anyway, I know nothing of CUJO so I'll second Nessus and shut up.