re: What did a IoT device do on my network? VIEW POST


It might have its network adapter set to promiscuous mode, and is mirroring all network traffic it can see on the network to some host somewhere in case it gets unsecured http requests?

On a less malicious note, maybe it has cloud log reporting,and the developer left it on trace mode by mistake?

As others have said, put wireshark on it (but possibly not while connected to the internet, just look at the DNS requests).

code of conduct - report abuse