As my iPhone automatically joins my home network once I get home and press the main button, I thought this could be used as a trigger for some home automation ideas I have,
especially disarming the alarm system for example.
I could detect the iPhone by pinging the broadcast address with a script and then look for it's MAC address in the arp cache, but this would have to be done every 15 seconds or so
to be of any use. This really doesn't seem like the most elegant solution though.
Can anyone think of a better way to implement a check like this? I suppose one could assign an IP address dependent on my MAC address, then I would know what to ping, and could thereafter check the MAC address to keep things secure.
Just suppose I cannot assign a DHCP IP based on MAC address, as the problem
of being able to find the MAC address on the network is the part that really interests me.
Secondly I noticed with tcpdump that the iPhone seems to talk to itself all night, but only some sort of Ethernet frames:
23:59:59.740097 00:26:08:ae:ed:eb > 00:26:08:ae:ed:eb, 802.3, length 70: LLC, dsap Null (0x00) Individual, ssap Unknown (0x20) Command, ctrl 0x33: Unnumbered, 23, Flags [Poll], length 56
This happens every 2 minutes.
How could I monitor this traffic so that my "home" knows I am still there using a program? Could be good to automatically alarm the house when I am no longer there...
I think your router here should be the point of control... If you can log the devices that are logged on to the router you can disable your security based on that info.
If you have an openWrt compatible router http://wiki.openwrt.org/toh/start you can certainly extend to get the functionality you want.
Here is a link plugin for the indigo home automation server that does what you want to do bij logging the info from his router. http://www.perceptiveautomation.com/userforum/viewtopic.php?f=19&t=6876&sid=07a351fa04c2eadcd2d3813afc72ae5a
Note: it's really easy to spoof a mac address so might be interesting to have some other verification too :-)
Related
I am currently building an app that controls a single actuator and a LED strip. The controller for the actuator and LED strip is based on an ESP32.
On the ESP32 I have used the <ESPAsyncWebServer.h>, <ESPAsyncWiFiManager.h> to set up and connect the ESP to the local wireless network. In the app I would like to send some commands to the ESP like http://<ESP32_IP>/led_set?level=<level> and
http://<ESP32_IP>/act_open and so on, this shouldn't be an issue.
Normally I would set up mDNS on the ESP and in the Flutter app, however several of the ESP controllers are already shipped to the customers. So I am looking for another way to identify the ESP.
At the moment I have used the ping_discover_network library and the ESP shows up fine on port 80. I am however not able to separate the ESP from the other devices that shows up on port 80.
Do any of you have any suggestions?
Thank you in advance
You don't have many good options. If you only want to identify a few devices which have slipped through your fingers without mDNS, you can use their MAC address as a filter. If you happen to know their individual MAC addresses, then that should be quite painless. Otherwise you'd have to look for devices with MAC OUI (first 3 bytes, usually) ranges allocated to Espressif. Espressif has several OUI ranges, but if your devices were from a single batch of ESP32 module of the same type, they'll be using the same OUI so it should be quite easy to figure out.
E.g. a batch of modules I have all start with 40:F5:20:...
Of course, if a third party installs their (unrelated) ESP32 module into the same network, you'll have a chance of identifying those as well, but such is life.
This is obviously a stop-gap measure. Make sure further devices go out of door with some identification (mDNS or otherwise).
My router can apply MAC-address based restrictions, e.g. to limit access hours for a specific device on the network. (Not to be confused with IP address restrictions to block facebook, youtube etc..) This seems to be a common feature in routers found in DSL modems.
If a rogue user on my LAN uses a VPN app to access the internet, is it correct that the desired access restrictions still apply? In other words, VPN cannot be used to circumvent these kind of restrictions? Although the answer seems almost self-evident from the question itself, I am not sure what is all possible with port-forwarding, MAC-address spoofing etc...
UPDATE: To prevent third parties from using the MAC address to track devices, Android, Linux, iOS, and Windows[5] have implemented MAC address randomization. In June 2014, Apple announced that future versions of their iOS platform would randomize MAC addresses for all WiFi connections. The Linux kernel has supported MAC address randomization during network scans since March 2015,[6] but drivers need to be updated to use this feature.[7] Windows has supported it since the release of Windows 10[5] in July 2015 https://en.wikipedia.org/wiki/MAC_spoofing#MAC_Address_Randomization_in_WiFi
So, based on the answers below, so far, the VPN would usually not be able to spoof the MAC address, but LAN access control based on MAC address is made difficult or impossible by the intentional address randomization within the device.
A VPN is nothing else than another TCP IP connection. So the best approach would always be to block the dst address of the VPN. However, since this is normally not easy (there are tons of vpn dst ips). The connection, should be dropped if the source host MAC address is not allowed. In other words, you should treat the VPN as a Webpage. Just as you would block yahoo, you should block the vpn provider. Once the vpn is established, the mac would be allowed to do whatever it wish .
As far as I am aware, there are no VPNs that do this. Theoretically spoofing a MAC address could work, but it isn't what a VPN is designed to do. Even then there aren't really any simple options for spoofing MAC addresses on Windows.
So the desired access restrictions will still apply.
As per OSI-Layer Model, the VPN Connection is just an Application with (hopefully) encrypted communication (OpenVPN, SSL/TLS-VPN, IPSec) on Layer 4 (e.g. TCP/UDP) the packages themself are handled by the PHY (e.g. Network card, WiFi Modul, etc.). Therefore your MAC filter will detect these packages as packages from this MAC even if it can't read the content. The only bypasses for the MAC filter are MAC spoofing or using another PC on the network as a proxy or NAT device than your Router with the MAC filter will see this PC as the sending device.
I am trying to detect if my iPhone is in the same network as my Raspberry Pi. I would like to execute a script when I am at home and my iPhone's presence is registered in my LAN.
It seems that when the phone is in standby not even the iphone-sync port (6207/tcp) is found. "/usr/bin/nmap -n -sT -p62078 [my phone's local IP]" shows no host. I wonder what else I could scan for. Obviously the phone is online and ready to accept facetime calls (data via 3G is deactivated). Could I accomplish something with avahi which I am using on my Raspberry Pi, or are there other ways.
I've just spent a week beating on this problem so I can refrain from sending SMS home alarms to my wife when she's at work.
Pinging won't work because the iPhone won't respond to ICMP when asleep. Reading the ARP cache won't work because a sleeping iPhone will come and go (check it every 30 seconds for a few minutes).
The only way I have found to 'reliably' determine when my two iPhones are on my local (home) network is to use the PCAP dotnet library to look for any packets originating from either of the phones' MAC addresses. For example, if you run Wireshark with the capture filter
ether src <iphone-mac-address>
you will see a surprising amount of network discovery/announcement traffic from the phone. It still has quiescent states, but so far the longest interval I have seen between captured packets is around 10 minutes. You would have to wait until you have not heard from the phone for some interval (I use 15 minutes) before declaring it not-home.
With this technique you will find a phone quickly when it rejoins the home network, assuming your phone is configured for DHCP. I also use port mirroring on my main Ethernet switch to include traffic from my wireless access points.
I don't have a Raspberry Pi solution for this, because my linux expertise is very limited, but someone else may be able to help you along those lines. I have a Windows Service using the PCAP library and so far it works reliably, with the limitation of waiting 15 minutes before deciding an iPhone has left the network.
* update 2-3-2018 *
I have this detection algorithm down to about 5 minutes, using a combination of ping/arp messages directed to each phone, about once per minute. Seems to work great.
You can find a list of devices on your network by investigating your arp cache.
arp -a
Simply write a bash script to run arp -a at a regular interval, and search for the mac address of your phone.
You could go even further with this and perform different actions depending on what brand of device is connected.
The first 3 hexadecimal digits of a mac address are the vendor id.
Take the following mac address:
00:19:E3:AB:CD:EF
00:19:E3: is one of the registered mac address for apple devices.
By comparing the devices on your network with this list, you could detect when for example a '3com' device, or a 'dell' device attaches to your network.
http://www.coffer.com/mac_find/?string=apple
You can do "arp-scan -l -r10" for that (tested this myself), but the problem is if mobile data enabled the iphone will go and suspend wifi if screen is locked to safe battery. so you need to disable mobile data .. then arp-scan will work.
This question is not language-aware.
I wanna know how can I recognize a returning user on my website (Java, PHP, Coldfusion...) if he's using a dynamic IP.
Why? A lot of users of my web application use iPhone (with 3G networking) for accessing. IP changes each time, so I always see them as "new" users.
I know it's unlikely to track MAC address in web pages but.... what solutions are there for such a common problem?
Maybe a suitable iPhone app? ;-)
It's not quite possible to find original requesting machine's MAC address. You should use Cookies to track users.
You can find more info about MAC Addresses here.
A Media Access Control address (MAC address) is a unique identifier
assigned to network interfaces for communications on the physical
network segment. MAC addresses are used for numerous network
technologies and most IEEE 802 network technologies, including
Ethernet. Logically, MAC addresses are used in the Media Access
Control protocol sub-layer of the OSI reference model.
Why not do what everybody else does and use cookies?
As other said, you could easier get what you want with cookies...
and, reading your question and purpose, i'm not really sure that if a user uses it's iPhone via wifi and browse to your website and than it come back again via 3G the MAC address doesn't change... i thought that MAC address is unique not for a device, but for a single hardware component in it: this mean that an iPhone could have a MAC for wifi hardware and a MAC for 3g hardware... if it works as on my powerMac... i can see my computer has a mac address for my ethernet and one other for my wifi...
but i'm not an hardware expert, so (all readers), please consider this answer as a question too, and if there is any net expert on line...
I'm interested in writing an app that send messages over IP (using 3g, not neccesarily on the same WiFi network as the receiving end) to a PIC microcontroller connected to a router (via ethernet or wifi)
I saw some descriptions and examples on how to send messages on the same network, not sure if just by giving a different IP it would work outside the network it self. I was wondering how can it be received by the PIC (still hasn't decided which PIC, depends on the possibility to perform this)
and in turn, depends on the msg received, the PIC will perform an action, for example, light a certain LED in a LED array.
I have the sending side (the app sending over IP), and receiveing side (the PIC which lights the LEDs)
I'm just not quite sure what to send, or if such "translation" is even possible.
I've searched the web but couldn't find any such thing except for made kit (for RC cars for example)
Thanks.
Carmel
Here's a UDP library I built for Mac/iOS wrapped in simple Cocoa that sends UDP packets to an IP address of your choice. Comes with sample server client app.
This is generic UDP packets so you just have to listen for them on the other end ( whatever that platform is ) and read the content. Let me know if you need help with that
https://github.com/Shein/Mac-UDP-Client-Server
Well, if the PIC can run a TCPserver, or maybe just UDP, then sure you can control a LED by sending an appropriate message. With an appropriate static IP address and routing, then you can use your iPhone to turn on the LED from anywhere you can get a connection.
PICs are not exactly renowned for having high performance and lots of RAM. If you do manage to get a server working, try to not use XML/SOAP
This looks more like a question for http://electronics.stackexchange.com.
If your familiar with SPI you could consider Microchip's MRF24WB0MA/RM module which
enables PIC to connect to a wireless network (either to an infrastructure wireless or
to AdHoc, or it can create its own AdHoc).
If you're using MCC compiler then you also have library available for this module
at Microchip Application Libraries.
TCP stack takes some memory space though. PIC18F would do but you'd be better of with PIC24F (they tend to be cheaper than 18F anyway).