Device Observatory

A small project to show what connected devices/smartphones do on the Network/Internet.
The aim is to increase awareness regarding security and privacy.

Connect to the Access Point and visit 192.168.1.1 to show a list of all addresses/domains a devices connects to. Including SSIDs from a active scanning. This might reveals the SSID of previously connected networks!

have fun,
mwarning

1 Like

im gonna try to throw this in my next build, thanks!

so this makes its own dhcp and dns? im compiling an image right now with this package. what does it use for a local webserver? am i gonna need virtual machine edits with apache or anything with luci installed?

my first build i got an error about luci, im trying to install it now with luci unchecked in my configuration...

Will give this a spin as well, I'll finally know what my Android phone is up to :sunglasses:

so far i havent had any luck with luci packages and this package during configuration. I'm trying it again with just the package available, ill let you know if it compiles. See if i can install it after its flashed.

update:

unable to compile with luci

@sycohexor: It does not run its own dhcp- or web- or dns server.
/tmp/dhcp.leases is parsed as a source for hostnames. Raw DNS packets are parsed by the program.
The package installs /www/index.html and a symbolic link from /tmp/device-observatory.json to /www/device-observatory.json. uhttpd runs as webserver. But it needs to be started/enabled (/etc/init.d/uhttpd start).

In the future, I hope to integrate a web server, so everyone only sees own data only.

yeah ive had issues just incorporating it into the firmware for some reason. theres something similar to this called yamon you should take a look at.

yamon seems to be about usage/bandwidth monitoring. Device Observatory is about privacy awareness.

@sycohexor: maybe there is a conflict because the package wants to install /www/index.html.
That will be changed soon.

1 Like

I would like to try this out but onley if there is a luci package for it. I am not going to give up having a web interface for this. sorry I don't mean to be harsh!

the reason i was telling you about yamon is because it runs seperate from luci, you can install it on a seperate partition, say like a usb partition.

I have now included it's own web interface on 192.168.1.1:8080. Also, users only see their own data.
It is only for showing information, no settings and such. It's for an event. But might be useful otherwise.

1 Like

that works, cool ill try to include in my next build to test it out. I get it its kind of like local proxy that parses protocols, I understand that part. I wasn't looking for a bandwidth monitor, theres a lot of tools like that, something that seperates each protocol into an organized manner would be great, you know like a spreadsheet that displays tcp http post and get udp icmp etc..

Well, the main point is to educate users. tcpd/udp/icmp bandwidth is not interesting in that respect.
But the project is Open Source, feel free to fork and change it. :slight_smile:

ok will do! I'm just now about to finish compiling a new image. So will i have to run the command line in order for it to start capturing traffic, if you can give me a quick breakdown of what to do once i have the image up and running on this thread, that would be great.

ok so i have it installed, at first it was running fine, i didnt see much information though, once i created an overlay onto a usb it no longer starts on boot.

i tried running this:

root@user:/usr/bin# device-observatory --dev wlan0
Listen on devices:
 * wlan0 (ethernet)
DHCP leases file: none
MAC OUI database: none
JSON output file: none
Device timeout: none
Webserver port: 8080
Webserver path: /www

but when i visit lanaddress:8080 i get a file that shows this:

#!/usr/bin/lua
require "luci.cacheloader"
require "luci.sgi.cgi"
luci.dispatcher.indexcache = "/tmp/luci-indexcache"
luci.sgi.cgi.run()

I think you need to change it to /usr/share/device-observatory/www/index.html, also i use this as an access point forwarding dhcp requests to another server.

This will start the program with all parameters:

/etc/init.d/device-observatory start

See /etc/config/device-observatory for the settings. It also sets --webserver-path /usr/share/device-observatory/www
Also, the project does not use any lua. I suspect that some other server already uses that port. - it's because the webserver points to /www by default

In this case the /tmp/dhcp.leases is not available. DHCP packets would have to be parsed in this case.
This is not done yet.