Monitor login attempts on your home WiFi
Coming and Going
Listing 4 then stores all the discovered MAC addresses in the persistent hash, %leases
and maps them to the matching IP addresses and device names. It thus knows which devices existed on the previous run, and which have just been added since then. Line 27 then adds the new entries to the hash's persistent memory, and line 28 fires off the events defined in lines 42-57 with notify()
.
A similar script branch handles devices that existed in the previous run and which thus exist in %leases
but are now missing in the current run. The volatile %found
hash stores these. If a discrepancy is discovered, line 34 then sends a message stating that the device has disappeared.
The notify()
function basically looks like the test script introduced in Listing 2. It uses the Prowl API key stored in $API_KEY
at the start of the script and only adds the application name, the event type (joined
or left
), and the description, while it leaves the URL field empty.
Because my low-budget hosting service does not allow root access, I installed the CPAN modules required by the script locally in the home directory below perl5
; cpanm
does this automatically if it notices that it cannot manipulate /usr/lib
because it is lacking the necessary permissions. But for the script to find the modules installed there, line 3 in Listing 4 needs to add this path explicitly using use lib
.
No Invasion – Yet
It was very reassuring to see that the script only discovered known devices on my WiFi during the beta testing phase, but at least now I am perfectly prepared for a full-scale over-the-air attack. Another thing I noticed is that some devices suddenly connect to the WiFi network in the middle of the night, even though they are switched off and lying somewhere in the corner of the room, one example being my Kindle Paperwhite ebook reader, most likely checking for available software updates.
It would be fairly easy to improve the script to know which MAC address belonged to which device, which you could easily handle using a hash in lease-notify
. The text messages would then use device names designed to reflect the situation on the home network, which would make them much easier to understand when received.
Acknowledgment
I thank my co-worker Tristan Horn, whose idea it was to display devices joining and leaving the home network on a phone, and he also wrote an application for this purpose that integrates the whole enchilada in a far more professional UniFi system [3].
Mike Schilli
Mike Schilli works as a software engineer in the San Francisco Bay Area. He can be contacted at mailto:mschilli@perlmeister.com. Mike's homepage can be found at http://perlmeister.com.
Infos
- Listings for this article: ftp://ftp.linux-magazine.com/pub/listings/magazine/186
- Prowl: http://www.prowlapp.com
- Connecting push notifications with a UniFi system: https://tris.net/software/unifi-logreader\
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
So Long Neofetch and Thanks for the Info
Today is a day that every Linux user who enjoys bragging about their system(s) will mourn, as Neofetch has come to an end.
-
Ubuntu 24.04 Comes with a “Flaw"
If you're thinking you might want to upgrade from your current Ubuntu release to the latest, there's something you might want to consider before doing so.
-
Canonical Releases Ubuntu 24.04
After a brief pause because of the XZ vulnerability, Ubuntu 24.04 is now available for install.
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.