Capture HTTP request packets from my iPhone - iphone

I want to monitor the HTTP traffic sent/received from my iPhone. The iPhone is connected to the Internet via my WiFi router.
I want to capture packets from my Windows 7 station.
Thanks for your help.

You have a few options here:
If your wireless router has a port mirroring or port spanning feature, turn it on and point it at your workstation's IP. Use Wireshark on your workstation to look at the packets arriving on the interface assigned to that IP.
If your workstation has a wireless card, get Connectify for Windows 7 (turns wireless card into Wifi Hotspot). Connect iPhone through Windows 7 wireless, and workstation through ethernet to the internet. Your workstation will effectively act as a router for your iPhone and you will be able to record iPhone's packets passing through it.
Get an ethernet hub (make sure it is not a switch, you won't see all packets on every interface with a switch), and connect your workstation, wifi router and internet to it.
Get a switch with port mirroring feature, configure port mirroring to forward a copy of all packets to your workstation.

Another option that I wish someone would have mentioned to me is pfSense. This is an operating system based on BSD made to serve as a firewall. Top of the line routers have, say, 400 MHz of processing speed, and unimpressive amounts of RAM. The lowest-end computer you'll find these days has better specs than that, and of course, it's upgradeable. You don't have to bother with those terrible Cisco licenses (no DHCP with no license, 20 DHCP users at one license level, 100 users at a higher level? Ludicrous), etc. Best of all, you have "root" access to the system, so you can run whatever you want on it (including Wireshark, say)!!
Make sure you have two sufficiently fast Ethernet cards. You'll set your wireless router to not do NAT (because pfSense will be doing that), then you can get to work setting up your VPN server, etc. without thinking about Cisco licensing, etc.

Related

Is it possible to connect to Modbus TCP via Ethernet?

Is it possible to connect the Ethernet port (of a Raspberry Pi) directly to a Modbus TCP RJ45 port (such that the devices can talk to each other)? Or is this not possible without a converter?
I am unsure if this is the correct forum, but I believe this should not be specific to the Raspberry Pi.
Short answer - Yes... But....
As per the comments this is possible but there are a few things you will need to do (i.e. some configuration will be needed).
I think it's worth noting that "Modbus TCP RJ45 port" is not really a meaningful term. Modbus is an application layer protocol; this depends upon a number of underlying layers:
Transport layer - TCP
Network layer - IP
Datalink Layer - Ethernet
Physical Layer - Ethernet cable with RJ45 connectors
You don't need to understand this in detail; the point is that before ModbusTCP will work you need to have a working TCP network (which all Modbus-TCP devices will support; generally via an RJ45 Ethernet connection). As such a better question probably is "If I run a CAT-5 cable between a Raspberry Pi and another device (Modbus TCP unit) will I be able to connect via TCP?" (a lot more people know about TCP/IP networking than Modbus!).
The first thing to consider is Ethernet. Running a cable directly between two older devices will often not work because they needed a crossover cable. Almost all modern equipment (including the Pi) supports Auto MDI-X which means the cable will just work. You can also connect the units via a switch (and doing this removes the need for Auto MDI-X).
Next you need to consider the IP layer. When you connect your Pi to your home network it will (usually!) be given an IP address by a DHCP service (usually running on your router). If you are connecting the Pi directly to the device then there will be no DHCP service so you will need to manually assign IP addresses to the devices (and ensure the subnet is correctly configured). A common way to check if an IP connection is working is to use the ping command.
With the lower layers working ModbusTCP will generally 'just work'. Many ModbusTCP devices also offer a browser based configuration and checking that you can access that is a good way to confirm that the network link is working.
One further question is probably "should I do this"; it's OK to hook things up this way to make some quick changes. However generally you will want the Pi to access other network resources so connecting everything to a router (home router will work; for remote devices a cell router is often used). You can either give the Modbus unit a static IP manually or use the router's configuration pages to assign it a static DHCP lease (otherwise its IP might change from time to time).

2 router in cascade with 2 DHCP and remote access

The installation is in a holiday house (so no permanent internet access).
I have a 4G router (ROUTER-1 = Huawei B525-b23) that enables the internet access. I switch it on one day a week.
I have another router (ROUTER-2 = GL-MT300N-V2).
ROUTER-2 is always plugged in.
A Raspberry Pi 3 (with Home Assistant on it) is connected to ROUTER-2 through an Ethernet port.
An IP camera is connected to ROUTER-2 through WiFi.
ROUTER-1 and ROUTER-2 are connected together through Ethernet.
When ROUTER-1 is not plugged in, nothing has access to the internet, but it's not an issue.
The camera saves pictures on the Raspberry Pi 3, and Home Assistant is recording some sensor data.
When I switch on the electricity on ROUTER-1, everything has access to the internet.
What I want is to have remote access to my ROUTER-2, my Raspberry Pi and my camera when ROUTER-1 is online.
How should I do this?
Hi, I can think of two solutions for this setup, but both involve buying a cheap second-hand router.
I think the use of a single router would make this setup a lot easier. Any router would work that supports a USB 4G modem being attached to it and has support for setting up an OpenVPN server, and you need to be OK with leaving the Internet on all the time; just make sure you don't have any services running that use up bandwidth and you should be OK. You can connect both the Raspberry Pi and the IP camera to that router. Set up the OpenVPN server, open the UDP port required and download the certificates. You should be able to VPN into your network and manage it remotely through SSH or something.
The second option is tailored to you but still requires swapping the 4G modem with another one that supports these things: Wake-on-LAN, an OpenVPN server, SSH into it over LAN, and either 4G support through a SIM card slot or a USB port with modem support.
You can then have it set up so this new ROUTER-1 is switched off with Wake-on-LAN configured on it, and the Raspberry Pi sends the magic packet. You can use something like this to get an idea of how WoL works: https://www.lifewire.com/wake-on-lan-4149800. You can use cron on your Raspberry Pi to send the WoL signal to ROUTER-1 once a week, which would eventually give you internet access once the router is up. You have to set up a VPN server on it, forward the required port and download the certificates. When your scheduled WoL cron runs, make sure you are able to connect through the VPN, then access the network resources you wish; at the end, when you are done, you can SSH into ROUTER-1 and turn it off.
I hope this helps. I had a look at the router models you are using and it doesn't leave you with many options. You can get cheap second-hand routers online that support everything that is required.
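Added example, not part of the original answer: the magic packet the Raspberry Pi would send from cron in the second option. The MAC address, script path and schedule are placeholders assumed for illustration; UDP port 9 is a common convention rather than a requirement.

```python
import re
import socket
import sys

def magic_packet(mac):
    """6 bytes of 0xFF followed by the target MAC repeated 16 times (102 bytes)."""
    hexmac = re.sub(r"[:\-.]", "", mac)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", hexmac):
        raise ValueError(f"not a MAC address: {mac!r}")
    return b"\xff" * 6 + bytes.fromhex(hexmac) * 16

def send_wol(mac, broadcast="255.255.255.255", port=9):
    """Broadcast the packet on the LAN; the sleeping NIC matches on the payload,
    so the device needs no IP address while it is powered down."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        return s.sendto(magic_packet(mac), (broadcast, port))

# Hypothetical crontab entry on the Pi (Saturdays at 09:00):
#   0 9 * * 6 /usr/bin/python3 /home/pi/wol.py 02:00:00:CC:00:01
if __name__ == "__main__":
    sent = send_wol(sys.argv[1])
    print(f"sent {sent} bytes")
```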

Passive WiFi detection system using WiFi router

As part of my project requirement I want to make a system which will detect all the WiFi devices in my router's range, whether they are connected or not. I did some research on it and found tools like Wireshark, Kismet, etc. I tried Wireshark by making my Mac's WiFi an ad hoc network, and it's all fine: I am able to list all the WiFi devices in Wireshark. Now I want to make a real-time system based on a real WiFi router. I don't know how I will configure my router using my PC or how I will monitor the router from my PC. One more thing: if I am using Wireshark, how will I use this data for my requirement? If anyone has worked with similar scenarios, please help me. Thanks in advance.
To do that you will need more than the usual API that you have on commercial WiFi routers (by that I mean a full SSH access). I would:
flash my router with OpenWRT (you can search for your router on this page for detailed instructions)
Install the aircrack-ng suite on the flashed router with
opkg update
opkg install aircrack-ng
Put my WiFi card in monitor mode and run the airodump service:
airmon-ng start wlan0 #Put your NIC in monitor mode
airodump-ng mon0 #Sniff surrounding packets
You don't necessarily have to install aircrack-ng; you can just put your card in monitor mode using the command line (look at the documentation for your WiFi driver) and then run tcpdump (the command-line equivalent of Wireshark), but aircrack works very well and has a nice format.
Also, I should warn you that you can brick your router by flashing it. I never had such a problem when flashing routers mentioned on the OpenWRT wiki, and there are (most of the time) ways to restore a bricked router depending on the brand, but I am not responsible if you break it ;)
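Added example, not part of the original answer: one way to use the airodump-ng output for the device inventory the question asks about, by parsing the station section of its CSV log and flagging MAC addresses that are not on a known list. It assumes airodump-ng was run with `-w <prefix> --output-format csv`; the sample data and the known-device list are constructed.

```python
import csv

# Constructed sample in the layout airodump-ng writes to <prefix>-01.csv
SAMPLE = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:AA:00:01, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WPA2, CCMP, PSK, -40, 120, 0,   0.  0.  0.  0,   7, HomeNet,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:BB:00:01, 2024-01-01 10:00:05, 2024-01-01 10:05:00, -55, 40, 02:00:00:AA:00:01,
02:00:00:BB:00:02, 2024-01-01 10:01:00, 2024-01-01 10:04:00, -70, 3, (not associated) ,CafeWifi,HomeNet
"""

def parse_stations(text):
    """Return one dict per client device from the 'Station MAC' section."""
    lines = text.splitlines()
    start = next((i for i, l in enumerate(lines) if l.startswith("Station MAC")), None)
    if start is None:
        return []
    stations = []
    for row in csv.reader(lines[start + 1:], skipinitialspace=True):
        if len(row) < 6:
            continue  # blank or truncated line
        row = [field.strip() for field in row]
        bssid = row[5]
        stations.append({
            "mac": row[0],
            "last_seen": row[2],
            "power": int(row[3]),
            # None means the device was heard probing but is not joined to any AP
            "associated_to": None if bssid.startswith("(not") else bssid,
            "probes": [p for p in row[6:] if p],  # ESSID list is comma-separated
        })
    return stations

def unknown_devices(stations, known_macs):
    """Stations, associated or only probing, whose MAC is not in the inventory."""
    known = {m.upper() for m in known_macs}
    return [s for s in stations if s["mac"].upper() not in known]

if __name__ == "__main__":
    for s in unknown_devices(parse_stations(SAMPLE), ["02:00:00:bb:00:01"]):
        print(s["mac"], s["power"], s["associated_to"], s["probes"])
```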

Virtualization aware switches

According to http://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns224/ns892/ns894/white_paper_c11-525307.html
Each virtual machine is given a dedicated network interface card. My question is, how does a server containing about 10 virtual machines ever support 10 NICs?
Those NICs are probably virtual. Packets from them are routed to the physical NIC(s) and the other way around. It's pretty much the same thing as you get in modern WiFi routers: at home you only have one Ethernet port from your Internet Service Provider, it's in the modem. You connect your router to it, but your router may have 2+ Ethernet ports to which you can connect multiple PCs.
They can be physical too and either be directly accessible to VMs or indirectly.

Redirect telnet 23 to COM Port via WIFI

I bought a Bluetooth ELM327 to read codes out of my car's diagnostic ports.
I connect to it via Bluetooth in Windows and it makes a serial-over-Bluetooth COM port 4,
which any application running on my Windows machine will connect to quite happily.
I then found a few apps for the iPhone and Android etc. that connect to these ELM gadgets via WiFi and not Bluetooth (because for some reason you cannot pair to these devices from an iPhone).
Now obviously I can buy a WiFi-enabled ELM327, but it costs £130 and my Bluetooth one cost £15.
So after reading about this a bit I found out that the WiFi-enabled ones you connect up as an ad-hoc network and the smartphone (iPhone) app telnets into port 23 that relays normal serial commands.
So obviously in the WiFi-enabled one there must be some processor that runs a nano-OS with telnet and some RS-232 translators and not sure what else.
How, using Windows 7, will I be able to relay any incoming WiFi requests for telnet port 23 to my COM4 that is connected to my Bluetooth ELM327?
As this is surely all that is needed by the smartphone app.
You don't have to connect using a Bluetooth library like suggested, because you are already connected to the device and have COM4 exposed to you. So all you have to do is use a telnet library, translate and handle the handshake, then relay the information as serial data.
There's no feature built in to Windows (or any other platform I know of) for such a scenario.
It would be fairly straightforward however to write a program to listen on port 23 and open a Bluetooth connection when connected to, and then forward the data received on each connection out onto the other.
For instance one could use my .NET library 32feet.NET (e.g. http://32feet.codeplex.com/wikipage?title=General%20Bluetooth%20Data%20Connections etc etc) along with TcpListener from the .NET framework class libraries.
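Added example, not part of the original answers and not using 32feet.NET: a relay of the kind both answers describe, written in Python against the COM4 port that Windows already exposes. It assumes the third-party pyserial package, that the phone app sends raw bytes without telnet option negotiation, and placeholder values for the bind address (`192.168.137.1`) and baud rate (38400).

```python
import socket
import threading

def relay(conn, port):
    """Copy bytes both ways between TCP client `conn` and serial-like `port`.

    `port` needs write(bytes) and a read(n) that returns b"" on timeout, which
    is how a pyserial Serial object opened with a timeout behaves.
    """
    stop = threading.Event()

    def serial_to_tcp():
        while not stop.is_set():
            data = port.read(64)
            if data:
                try:
                    conn.sendall(data)
                except OSError:
                    return  # client went away

    worker = threading.Thread(target=serial_to_tcp, daemon=True)
    worker.start()
    try:
        while True:
            data = conn.recv(256)
            if not data:
                break  # client closed the connection
            port.write(data)
    except OSError:
        pass  # connection reset
    finally:
        stop.set()
        worker.join()
        conn.close()

def serve(port, bind_addr, tcp_port=23):
    """Relay one client at a time; bind only to the address the phone connects to,
    since nothing on this port authenticates the client."""
    with socket.create_server((bind_addr, tcp_port)) as srv:
        while True:
            conn, _peer = srv.accept()
            relay(conn, port)

if __name__ == "__main__":
    import serial  # pyserial (third-party); COM4 is the port named in the question
    # 192.168.137.1 and 38400 baud are placeholders for this example
    serve(serial.Serial("COM4", 38400, timeout=0.05), "192.168.137.1")
```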