Monitoring and testing Internet of Things devices for security

0

My home network recently acquired a couple of IoT (Internet of Things) devices: a solar energy company hooked up an Ethernet-connected telemetry gadget, and I put in a Wi-Fi-connected printer (made by the Brother company).

nmap told me the printer has an open web interface (80, 443). So I put a password on it. Cool. nmap says the printer has an open telnet port. Not so cool.

The solar company's gadget also has an open web interface. But it's not clear how to secure it, or even if I have to.

There's been a lot of trouble recently with IoT stuff getting pwned by cybercriminals and enslaved into massive botnet attacks. (Brian Krebs got hit.) I want to prevent this on my little network, and to know if it's happening. In other words, I'd love to white-hat hack my devices before a black hat gets a crack at them.

Do any utilities in Kali Linux do more than just say "hey, telnet's open"? Do any utilities probe for hard-coded username/password combinations on random devices? Do any utilities monitor devices to detect when they've been pwned?

(Yes, they're behind a NAT in my router, and yes, I've closed up external access to the router. That should help. But cybercrooks are smarter and more motivated than I am. I just want to print an occasional photo and enjoy solar power.)

O. Jones

Posted 2016-12-09T11:59:19.077

Reputation: 333

Answers

1

Being behind a firewall is your first line of defense. Yes, hackers can bypass firewalls in many instances, but at least you have a wall that you can monitor.

From a continuous testing standpoint, check out this company for an easy 'have it done for you' approach on the cheap.

Otherwise, Kali does have quite a few tools for you. If you want to test usernames/passwords, check out the Hydra or Medusa brute-force password testing tools. These rely on a port/service to test, though, so you will need to start with nmap to see what ports are actually open.

If you're curious how the IoT devices are communicating, fire up Wireshark to take a look at the traffic. Hell, you might even end up seeing that they're hitting the vendor API using cleartext passwords, which isn't as uncommon as you would think for IoT devices.

Have fun!

Godzilla74

Posted 2016-12-09T11:59:19.077

Reputation: 111
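Added example, not part of either post above: one way to turn the nmap step into ongoing monitoring is to save a scan of your own devices in grepable format (`nmap -oG`) as a baseline and compare later scans against it, reporting ports that have newly opened and services such as telnet that send credentials in clear text. The addresses, hostnames and scan results below are constructed sample data, and the function names are hypothetical.

```python
import re

# Services that carry credentials in clear text; flagged whenever open.
CLEARTEXT = {"telnet", "ftp"}

def parse_grepable(text):
    """Parse `nmap -oG` output into {host: {(port, proto): service}} for open ports."""
    hosts = {}
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comment lines and "Status:" lines carry no port data
        ports = hosts.setdefault(m.group(1), {})
        for entry in m.group(2).split(","):
            fields = entry.strip().split("/")
            # Field order: port/state/protocol/owner/service/rpcinfo/version/
            if len(fields) >= 5 and fields[1] == "open":
                ports[(int(fields[0]), fields[2])] = fields[4]
    return hosts

def review(baseline, current):
    """Return sorted findings: ports open now but not in baseline, and cleartext services."""
    findings = []
    for host, ports in current.items():
        known = baseline.get(host, {})
        for key, service in ports.items():
            port, proto = key
            if key not in known:
                findings.append((host, port, proto, "new-since-baseline"))
            if service in CLEARTEXT:
                findings.append((host, port, proto, "cleartext-" + service))
    return sorted(findings)

# Constructed sample scans (addresses and results are made up for illustration).
BASELINE = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.168.1.20 (printer)\tPorts: 80/open/tcp//http///, 443/open/tcp//https///, 23/open/tcp//telnet///\n"
    "Host: 192.168.1.30 (solar)\tPorts: 80/open/tcp//http///\n"
)
CURRENT = (
    "Host: 192.168.1.20 (printer)\tPorts: 80/open/tcp//http///, 443/open/tcp//https///, 23/open/tcp//telnet///\n"
    "Host: 192.168.1.30 (solar)\tPorts: 80/open/tcp//http///, 8081/open/tcp//unknown///\tIgnored State: closed (998)\n"
)

if __name__ == "__main__":
    for finding in review(parse_grepable(BASELINE), parse_grepable(CURRENT)):
        print(*finding)
```

A port that appears on a device without a firmware update or a settings change on your part is worth investigating; this check only sees listening services, so it complements rather than replaces watching the device's outbound traffic.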