IoT Networks


  • Each device in an IoT network:
    • is identified with a unique serial number or code
      • embedded within its own operating or control system
    • can interoperate with Internet infrastructure
      • but may use other networking standards and products

Operational Technology Networks

An operational technology (OT) network is a communications network designed to implement an industrial control system, rather than general data networking.

  • the term is used to distinguish the requirements of an industrial network from those of an IT data network
  • typically uses either
    • serial data protocols
    • industrial Ethernet
      • optimized for real-time, deterministic transfers
  • may use
    • vendor-developed data link and networking protocols
    • specialist application protocols

Cellular Networks

  • a cellular network for IoT enables long-distance communication over the same system as mobile phones
    • called baseband radio
      • named after baseband processor that performs the function of cellular modem
      • types of baseband technology:
        • Narrowband-IoT (NB-IoT)
          • a low-power version of the Long Term Evolution (LTE) or 4G cellular standard
          • signal occupies less bandwidth than regular cellular
            • data rates are limited (20-100 kbps)
          • has greater penetrating power
            • more suitable for use in inaccessible locations where cellular connectivity is not possible
              • tunnels, deep in buildings
        • LTE Machine Type Communication (LTE-M)
          • low-power system that supports higher bandwidth
            • up to 1 Mbps

Scanning IoT with nmap

  • nmap -n -Pn -sSU -pT:0-65535,U:0-65535 -v -A 192.168.86.0/24
    • -n
      • to skip DNS resolution
        • speeds up scan
    • -Pn
      • treat all hosts as if they’re online
    • -sSU
      • do both TCP and UDP scans
    • -pT:0-65535,U:0-65535
      • TCP and UDP port ranges to scan (here every port of each protocol)
    • -v
      • verbosity level
    • -A
      • detect OS and version
    • 192.168.86.0/24
      • network address and CIDR prefix length of the range to scan
  • may take hours to complete
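Once a scan like the one above finishes, a defender usually wants an asset inventory rather than a screen of output. The following is an added example, not from the original notes: it parses the XML nmap writes with `-oX` (the sample XML below is constructed and its hosts, ports and OS match are invented) and returns, for every host that is up, its open TCP/UDP ports, service names and OS guess.

```python
import xml.etree.ElementTree as ET

# Constructed sample of nmap XML output (what "-oX" produces), trimmed to the
# elements this parser reads. Hosts, ports, banners and OS match are invented.
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host><status state="up"/><address addr="192.168.86.20" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http" product="lighttpd"/></port>
      <port protocol="tcp" portid="23"><state state="closed"/></port>
      <port protocol="udp" portid="5683"><state state="open"/><service name="coap"/></port>
    </ports>
    <os><osmatch name="Linux 3.x" accuracy="90"/></os>
  </host>
  <host><status state="down"/><address addr="192.168.86.21" addrtype="ipv4"/></host>
  <host><status state="up"/><address addr="192.168.86.30" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="502"><state state="open"/><service name="mbap" product="Modbus"/></port>
    </ports>
  </host>
</nmaprun>"""


def parse_inventory(xml_text):
    """Return {ip: {"os": str or None, "open": [(proto, port, service), ...]}}
    for every host nmap reported as up. Closed/filtered ports are skipped."""
    root = ET.fromstring(xml_text)
    inventory = {}
    for host in root.iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # -Pn makes nmap list hosts that never answered; drop them
        addr = next((a.get("addr") for a in host.findall("address")
                     if a.get("addrtype") == "ipv4"), None)
        if addr is None:
            continue
        entry = {"os": None, "open": []}
        osmatch = host.find("os/osmatch")  # present only when -O/-A got a match
        if osmatch is not None:
            entry["os"] = osmatch.get("name")
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            svc = port.find("service")  # filled in by version detection (-sV/-A)
            name = svc.get("name", "unknown") if svc is not None else "unknown"
            entry["open"].append((port.get("protocol"), int(port.get("portid")), name))
        inventory[addr] = entry
    return inventory


if __name__ == "__main__":
    for ip, info in parse_inventory(SAMPLE_XML).items():
        print(ip, info["os"], info["open"])
```

To use it on a real scan, add `-oX scan.xml` to the nmap command and pass the file contents to `parse_inventory`.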