After a recent EG4 18kPV installation I was curious about how its cloud monitoring system was designed. To my surprise, there is no encryption whatsoever, and raw RS485 MODBUS commands are being sent directly across the public internet. 😲
This means a MITM attacker has trivial control over...
My general approach in areas like this has been to accept risks that I can effectively mitigate. This lets me have the best of both worlds: I get extremely good value for money on equipment with a little extra work to roll my own security.
For example, I run plenty of PoE 5MP ONVIF cameras...
As a follow-up, I found this article which dispelled the rumors after investigators looked closer:
https://today.lorientlejour.com/article/1427662/did-solar-power-energy-systems-explode-during-wednesdays-attack.html
Regardless, it remains prudent to reduce the external attack surface of...
One general note here is that even though the hard-coded IP address is hosted by AWS in the USA, it appears to be a generic monitoring solution, possibly offered as a "white label" service similar to how the 18kPV appears very similar to a LuxPower LXP-LB-EU 12K.
In fact, notice how the EG4 web...
Sorry if it's a bit obtuse; these instructions are aimed at folks who are already running their own router firmware. OpenWrt is a popular choice as it's open source, and can be flashed onto hundreds of different models of popular devices:
https://openwrt.org/toh/start
Running open-source...
In my case the OpenWrt router is the router/NAT for the entire site, with PoE-powered Wi-Fi access points and VLANs. The EG4 uses the included Wi-Fi dongle to connect to an "insecure" IoT VLAN SSID that I'm running, which already has increased scrutiny and isolation from other devices...
OPNsense and pfSense are good choices for a firewall, but as far as I know the "pf" firewall that they're likely using from FreeBSD doesn't offer a way to do deep packet inspection (DPI), which is what I'm doing to inspect the MODBUS contents going to/from the inverter...
The closest "rule" that would apply would be NEC 2023 110.3(A)(8) [pasted below], but I doubt an AHJ would be digging this deep unless they were really paranoid or looking for technicalities to reject. The "life safety" aspect of this rule is probably clearly defined by NFPA 101 "Life Safety...
Yes, their "API" is simply a TCP keep-alive'd socket that shuttles raw MODBUS commands back/forth in cleartext across the Internet. The tests.py includes all the packet flavors I captured from a local tcpdump and decoded with Wireshark. (I redacted my serial numbers from the packets when...
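The cleartext MODBUS traffic described in the comments above (the DPI filtering on OpenWrt and the raw frames captured in tests.py) is the kind of thing a practitioner would want to parse and police themselves. The following is an added example, not code from the original thread or from the project's tests.py: it decodes standard Modbus RTU frames (unit id, function code, data, CRC-16 with the low byte sent first), validates the CRC, and applies a simple policy that lets read requests through while dropping writes and corrupt frames. It assumes the payload on the wire is plain Modbus RTU as the comments state; any vendor-specific header or the serial-number fields the author redacted are not modelled. All sample frames are constructed here, not captured from an inverter.

```python
import struct

# Modbus RTU CRC-16: init 0xFFFF, reflected polynomial 0xA001,
# appended to the frame low byte first.
def crc16_modbus(data: bytes) -> int:
    crc = 0xFFFF
    for b in data:
        crc ^= b
        for _ in range(8):
            if crc & 1:
                crc = (crc >> 1) ^ 0xA001
            else:
                crc >>= 1
    return crc

# Function codes that change state on the device: write single coil (5),
# write single register (6), write multiple coils (15), write multiple
# registers (16), mask write register (22), read/write multiple registers (23).
WRITE_FUNCTIONS = {5, 6, 15, 16, 22, 23}

def build_rtu_frame(unit: int, func: int, payload: bytes) -> bytes:
    """Assemble unit + function + payload and append the CRC (low byte first)."""
    body = bytes([unit, func]) + payload
    crc = crc16_modbus(body)
    return body + bytes([crc & 0xFF, crc >> 8])

def parse_rtu_frame(frame: bytes) -> dict:
    """Validate the CRC and decode the fields of common request types.
    Raises ValueError for anything malformed so the caller can drop it."""
    if len(frame) < 4:
        raise ValueError("frame too short")
    body, crc_bytes = frame[:-2], frame[-2:]
    expected = crc16_modbus(body)
    got = crc_bytes[0] | (crc_bytes[1] << 8)
    if expected != got:
        raise ValueError(f"CRC mismatch: expected {expected:04x}, got {got:04x}")
    func = body[1]
    info = {
        "unit": body[0],
        "function": func,
        "is_write": func in WRITE_FUNCTIONS,
        "exception": bool(func & 0x80),  # exception responses set the high bit
    }
    if func in (3, 4) and len(body) == 6:          # read holding/input registers
        info["start"], info["count"] = struct.unpack(">HH", body[2:6])
    elif func == 6 and len(body) == 6:             # write single register
        info["register"], info["value"] = struct.unpack(">HH", body[2:6])
    elif func == 16 and len(body) >= 7:            # write multiple registers
        start, count, nbytes = struct.unpack(">HHB", body[2:7])
        if nbytes != 2 * count or len(body) != 7 + nbytes:
            raise ValueError("byte count does not match register count")
        info["start"], info["count"] = start, count
        info["values"] = list(struct.unpack(f">{count}H", body[7:7 + nbytes]))
    return info

def decide(frame: bytes) -> str:
    """Hypothetical DPI policy: allow reads, drop writes, drop corrupt frames."""
    try:
        info = parse_rtu_frame(frame)
    except ValueError:
        return "DROP(bad-crc)"
    if info["is_write"]:
        return "DROP(write)"
    return "ALLOW"

# Constructed sample frames for unit id 1 (not from a real capture).
SAMPLES = {
    "read_holding": build_rtu_frame(1, 3, struct.pack(">HH", 0, 10)),
    "write_single": build_rtu_frame(1, 6, struct.pack(">HH", 21, 0)),
    "write_multi": build_rtu_frame(
        1, 16, struct.pack(">HHB", 21, 2, 4) + struct.pack(">HH", 0, 100)),
}
# Flip the last CRC byte to simulate a tampered or truncated frame.
SAMPLES["corrupt"] = SAMPLES["read_holding"][:-1] + b"\x00"

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(f"{name:13s} {frame.hex()}  -> {decide(frame)}")
```

The policy here is deliberately coarse: a real filter sitting between the dongle and the vendor's cloud would also want to restrict reads to a known register window and log anything unexpected, but the CRC check plus the read/write split already removes the "trivial control" an on-path attacker gets from an unauthenticated cleartext socket.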