The open source Manufacturer Usage Description project (osMUD for short) is working to improve the security of connected things and their networks. osMUD implements the MUD specification, is free to use, and you can help improve it!
MUD, or Manufacturer Usage Description, is an RFC published by the Internet Engineering Task Force (IETF) that allows manufacturers to specify the intended network behaviors of the devices they build. The full specification can be found at https://tools.ietf.org/html/draft-ietf-opsawg-mud.
How does MUD work?
A MUD-compliant network includes a MUD manager that communicates with network services such as DHCP, so that the MUD manager is informed when devices enter and leave the network. Devices that provide additional information and context about themselves via MUD-specified methods when seen on the network are considered “MUD Enabled Devices”. The MUD manager uses this context to download information from the manufacturer that defines the allowed behaviors for specific devices. It then uses that information (stored in a MUD file) to communicate the allowed behaviors of individual devices to network services, including firewall, DNS, and DHCP services, and/or to other services such as network monitoring software.
Implementing MUD on your network can reduce attack surface by:
- limiting the communication pathways between MUD-compliant devices and the Internet
- limiting (or eliminating) communication between MUD-compliant devices and other devices on your network (lateral movement)
- allowing communication only over necessary ports and protocols to and from
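To make the MUD manager's role concrete, the following added example (not osMUD's own code) reads a MUD file and derives the default-deny allow list a firewall would enforce for that device. The JSON field names follow the MUD specification; the hostnames and the function names `allowed_flows` and `is_permitted` are assumptions made for illustration, and only single-port matches against DNS-named peers are handled.

```python
import json

# Constructed sample MUD file (layout per the MUD specification); hostnames are placeholders.
SAMPLE_MUD = json.loads("""
{"ietf-mud:mud": {
   "mud-version": 1,
   "mud-url": "https://manufacturer.example/bulb.json",
   "from-device-policy": {"access-lists": {"access-list": [{"name": "from-dev"}]}},
   "to-device-policy": {"access-lists": {"access-list": [{"name": "to-dev"}]}}},
 "ietf-access-control-list:acls": {"acl": [
   {"name": "from-dev", "type": "ipv4-acl-type", "aces": {"ace": [
     {"name": "cloud-out",
      "matches": {"ipv4": {"ietf-acldns:dst-dnsname": "cloud.manufacturer.example", "protocol": 6},
                  "tcp": {"destination-port": {"operator": "eq", "port": 443}}},
      "actions": {"forwarding": "accept"}}]}},
   {"name": "to-dev", "type": "ipv4-acl-type", "aces": {"ace": [
     {"name": "cloud-in",
      "matches": {"ipv4": {"ietf-acldns:src-dnsname": "cloud.manufacturer.example", "protocol": 6},
                  "tcp": {"source-port": {"operator": "eq", "port": 443}}},
      "actions": {"forwarding": "accept"}}]}}]}}
""")

PROTO = {6: "tcp", 17: "udp"}  # IP protocol numbers used in ACL matches

def allowed_flows(mud):
    """Return (direction, peer, proto, port) for every accept ACE the MUD policy references."""
    acls = {a["name"]: a for a in mud["ietf-access-control-list:acls"]["acl"]}
    flows = []
    for direction, key, name_key, port_key in (
            ("from-device", "from-device-policy", "ietf-acldns:dst-dnsname", "destination-port"),
            ("to-device", "to-device-policy", "ietf-acldns:src-dnsname", "source-port")):
        for ref in mud["ietf-mud:mud"][key]["access-lists"]["access-list"]:
            for ace in acls[ref["name"]]["aces"]["ace"]:
                if ace["actions"]["forwarding"] != "accept":
                    continue  # only accept entries widen the allow list
                m = ace["matches"]
                ip = m.get("ipv4") or m.get("ipv6") or {}
                proto = PROTO.get(ip.get("protocol"), "any")
                port = m.get(proto, {}).get(port_key, {}).get("port")
                flows.append((direction, ip.get(name_key, "any"), proto, port))
    return flows

def is_permitted(flows, direction, peer, proto, port):
    """Default deny: a flow passes only if it matches an entry derived from the MUD file."""
    return any(f[0] == direction and f[1] in (peer, "any") and f[2] in (proto, "any")
               and f[3] in (port, None) for f in flows)
```

With this sample, the device may reach its manufacturer's cloud host over TCP 443 and nothing else, so an attempt to open SSH to another host on the local network is rejected by `is_permitted`.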
How to use osMUD?
osMUD is currently designed to run on OpenWRT with ties to dnsmasq and the OpenWRT firewall. However, in the future osMUD will have the ability to run in other environments with different DHCP/DNS servers and firewalls.
Become a part of the osMUD community
There are a number of ways that you can support, and become a part of, the osMUD community: