Steven Anderson <wanfuse123@...>
Thanks for getting back to me. I appreciate the candid analysis. Since it's not going to work, since most devices don't have an accurate clock and IPTABLES is too large and I am not sure if BFP can do it, I guess I will spill the beans on what I was thinking.
My idea was to use shimmer or port knocking (implemented through the firewall) in order to allow communication from the devices.
Port knocking, better described with a diagram (which you may have heard of anyways), uses an accurate clock and an encryption algorithm to determine which port is being used to communicate, with a temporal factor involved... in other words, the ports would only be open for a few seconds each and appear open in a random fashion but would be open in a non-random order, which is based on an "encryption algorithm". Best described with a diagram (which I can't link here). The gateway, remote servers and the IoT device would also have a copy of the encryption algorithm for setting up the timing.
I was also thinking that maybe a trained neural net (which would require even more memory) could search incoming packet buckets for intrusions, but this would almost definitely be out of the memory scope and the processing power of such a device, but might be workable on the gateway side.
It only takes like 10 lines of IPTABLES code to implement such a thing. Not sure about BFP's capabilities in this area. There are also ways to implement this from scripts.
Anyways, that was the idea, I guess that this isn't the right platform for it though.
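
The time-driven port schedule described in the message above, as an added example that is not part of the original post: gateway and device derive the same port for each time slot from a shared secret, and the gateway tolerates a bounded clock skew. HMAC-SHA256 stands in for the unnamed "encryption algorithm"; the secret, slot length, port range and all function names are assumptions.

```python
import hashlib
import hmac
import struct

SLOT_SECONDS = 5                     # assumed: each port is valid for a few seconds
PORT_MIN, PORT_MAX = 20000, 60000    # assumed knock port range


def port_for_slot(secret: bytes, slot: int) -> int:
    """Map a time slot to a port; without the secret the order looks random."""
    digest = hmac.new(secret, struct.pack(">Q", slot), hashlib.sha256).digest()
    value = int.from_bytes(digest[:4], "big")
    return PORT_MIN + value % (PORT_MAX - PORT_MIN + 1)


def knock_sequence(secret: bytes, device_now: float, length: int = 3) -> list:
    """Ports the device knocks on, one per consecutive slot of its own clock."""
    first = int(device_now) // SLOT_SECONDS
    return [port_for_slot(secret, first + i) for i in range(length)]


def gateway_accepts(secret: bytes, gateway_now: float, observed: list,
                    skew_slots: int = 1) -> bool:
    """Accept only if the knocks match the schedule within +/- skew_slots."""
    base = int(gateway_now) // SLOT_SECONDS
    for offset in range(-skew_slots, skew_slots + 1):
        expected = [port_for_slot(secret, base + offset + i)
                    for i in range(len(observed))]
        if expected == observed:
            return True
    return False


if __name__ == "__main__":
    secret = b"constructed-demo-secret"   # constructed sample value
    gateway_clock = 1_700_000_000         # constructed timestamp
    for drift in (0, 5, 60):              # device clock error in seconds
        knocks = knock_sequence(secret, gateway_clock + drift)
        ok = gateway_accepts(secret, gateway_clock, knocks)
        print(f"drift={drift:>2}s knocks={knocks} accepted={ok}")
```

A device whose clock has drifted past the skew tolerance is locked out, which is the accurate-clock problem raised at the top of the message; widening `skew_slots` trades that against a longer window in which an observed sequence stays valid.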