New Armor subscription

TigerTiger · ‎2022-04-09

Just restarted Armor on my network.

Received notifications about vulnerable devices. Most I recognize, a few are unfamiliar.

How do I identify what they are?

"Shanghai High-Flying smart plug"

"HAL-002 router"

I figure that 1 or both are imbedded in something on my network.

Thanks in advance.

CrimpOn · ‎2022-04-09

Does Armor list the MAC address of the devices?

TigerTiger · ‎2022-04-09

Yes.
How do I figure out what they are...Next steps?
Thanks

CrimpOn · ‎2022-04-09

Most people enter the MAC address into a web site that maps manufacturer codes to brand names, such as:

https://www.wireshark.org/tools/oui-lookup.html

to get a starting place. This should eliminate a huge number of devices on the network.

i.e. if the oui maps to Samsung then it is probably a Samsung. if the oui does NOT map to Samsung, then it is probably not a Samsung.

Once all the obvious devices have been eliminated, then it is often a process of elimination. Turn off one of the suspect devices, and see which device disappears from the Attached Devices display (takes up to 5 minutes).

TigerTiger · ‎2022-04-09

Thank you.
Will reply back with results.

TigerTiger · ‎2022-04-11

Looked at multiple websites to track down the vendor of the "mystery" MAC addresses.

All led back to what I already knew, that it's a "Shanghai High-Flying smart plug"

Next step will be to start unplugging any suspects and see if it disappears.

If I've identified it, I have no idea how to remove the vulnerability that Armor found or if that's necessary.

Last resort would be to replace it with a known product if I can...TP-Link, Amazon, etc.

Any other advice?

Thanks.

New Armor subscription

New Armor subscription

Re: New Armor subscription

Re: New Armor subscription

Re: New Armor subscription

Re: New Armor subscription

Re: New Armor subscription