310 likes | 581 Views
Home Automation / Networking. Presented by George Quintos Mt. SAC Service Learning May 21, 2005. Agenda. What is Home Automation? X10 protocol Serial to Ethernet networking Packet sniffing Use of Ethereal Installing SSH server Telnet Filters Viewing plain text and ciphertext packets.
E N D
Home Automation / Networking Presented by George Quintos Mt. SAC Service Learning May 21, 2005
Agenda • What is Home Automation? • X10 protocol • Serial to Ethernet networking • Packet sniffing • Use of Ethereal • Installing SSH server • Telnet • Filters • Viewing plain text and ciphertext packets
What is Home Automation? • Able to control appliances remotely with an on or off power state • Demostration
What protocol does home automation use and does it work? • X10 protocol uses the existing power lines in a home as its communication medium. • Sends out a specific signal on the power line. X10 modules connected onto the same power grid respond to the command. • Uses different codes to differentiate each module. Ie A1 – A16 • Have a different wavelength of communication. Homologous to DSL. • X10.com uses the X10 protocol – they did not develop the protocol. • In depth definition of X10 protocol: http://www.x10.com/technology1.htm
How much are the X10 modules and where can I buy them? • $12 to $50 • Online • X10.com • Smarthome.com • Outpost.com • Google – keyword: x10 or home automation • Brick and mortar • Frys • Smarthome in Irvine, CA.
What is Serial to Ethernet networking? • Device servers that convert Serial packets into TCP packet and vice versa.
Who uses Serial to Ethernet? • Security companies • Security panels • Manufacturing plants • Serial CNC machines • Tank levels • Information Technology • Connect to Cisco’s console port • RAS – PPP or text dial-in • Printing • Electronic sign banners • Old main frames
Serial to Ethernet demonstration • Lantronix device server connected to a Cisco Pix or Cisco Router
What is packet sniffing? • Also known as Network analyzers • A program that analyzes packets on a physical medium such as CAT5 • Can be used to help troubleshoot networking issues or can be used to eavesdrop
Some packet sniffing programs • Ethereal – free (http://ethereal.com) • Etherpeek - demo (http://wildpackets.com) • Thousands more online – perform Google search for packet sniffers
Ethereal • Freeware • Can run on different types of Operating Systems Let’s install it and have some fun!
Installation of Ethereal • Go to http://ethereal.com/download.html • Download the installer and WinPcap
Common Ethereal filters • tcp.port==xx - tcp port • ip.addr==xxx.xxx.xxx.xxx - All packets to and from a certain IP • ip.src==xxx.xxx.xxx.xxx - Source of IP • ip.dst==xxx.xxx.xxx.xxx - Destination of IP • && - Will include filters • Follows TCP stream – follows the whole TCP stream in ASCII (by default)
Unsecured data across the network • Running Ethereal will expose data stream • Telnet is clear text
Securing data across the network • Use encryption • Secure connections such as SSL and SSH
The following slides will require you participation – have your computer ready!
How to enable telnet • Run services.msc • Right-click on Telnet and choose Properties • Choose manual on the Startup type drop down menu • Click Start
Prepare Ethereal to sniff • Run Ethereal and click on first icon on the far left • Choose NIC and click prepare • Check first two under Display options • Click the Capture button when you are ready to start sniffing • Note: If you are using a wireless NIC you will need to be in Monitor mode therefore, uncheck Capture packets in promiscuous mode
Sniffing telnet session on the LAN • Run the sniffer – click Capture! • Open command prompt and enter TELNET [your neighbor’s IP address] • Log in with administrative privileges • Perform some commands such as IPCONFIG, CD, Ping, NETSTAT –a, and EXIT • Stop capturing packets
Inspecting the packets!Filter telnet packets • In the filter bar type in “telnet” without the quotes • Note: Since we ran telnet at the same time you may have picked up other telnet protocols on the wire. Use telnet&&ip.addr==xxx.xxx.xxx.xxx • You will see a list of telnet protocol packets • Right-click on a packet and choose “Follow TCP Stream” • Blue is the data from the server • Red is what you sent to the server
Is there a secure way to telnet to the server? • You can install SSH (Secure Shell) on the server • Note: You will need a terminal emulator such as putty
Where can I download an SSH Server and an alternate terminal emulator? • OpenSSH - http://sshwindows.sourceforge.net/ • Putty.exe - http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Installing OpenSSH • Run setupssh.exe and install it – use defaults • Open command prompt and perform the following command line setup • C:\>cd C:\Program Files\OpenSSH\bin • Create permission file • mkgroup -l >> ..\etc\group (local groups) • mkgroup -d >> ..\etc\group (domain groups) • mkpasswd to add authorized users into the passwd file • mkpasswd -l [-u <username>] >> ..\etc\passwd (local users) • mkpasswd -d [-u <username>] >> ..\etc\passwd (domain users) • net start opensshd
Adding a name to the SSH service port – OPTIONAL • When you perform a NETSTAT –a in the command prompt it will show you all the connections and listening ports • Open the SERVICE file located in C:\%systemroot%\system32\drivers\etc directory • Enter a statement such as “SSH-server-P22 22/tcp” • SSH Server default listening port is 22 • If you have SSH server running you will see SSH-server-P22 listening when you enter NETSTAT -a
Before connecting to the SSH Server, how about a network sniff?
Running Putty.exe • Double click on Putty.exe and it should start running • Enter the IP address of the SSH Server and choose SSH as your port or protocol • Click Open
Recap Unsecure and Secure data stream • Telnet – unsecure • SSH v1 and v2 – secure • Uses Diffie Hellman as the key agreement protocol to exchange the secret key
The End! Any questions?