Hi - I turned on the IOT Security feature because ATT sent me a notice indicating a device has the Mirai botnet. However, it hasn't helped me isolate the device yet.
The only thing I can see if that ATT indicates that source port is 20783 and destination port is 23. I have one device with your scan indicating port 23 open, can't figure out how to close it as you don't have as many configuration options on your side and that device doesn't either. Also that device with port 23 open doesn't seem to have odd traffic from it when review web history. I've done the usual make sure passwords aren't default, etc
Any thoughts, suggestions?