Jump to content

CAO Wireless Sensors - Anyone tried network sniffer

ralbright

By ralbright
in Wireless Sensors

Recommended Posts

ralbright Member

ralbright

Posted
Posted

Okay, I realize this might be far-fetched. I just placed an order for these sensors and the Tag Manager a few days ago. But from what I have seen, has anyone tried sniffing the packets from the tag manager, getting the contents of the messages it sends to their server and seeing the response? Could that in theory not be redirected to the network module with a DNS redirect in your router? Then have the network module spit back out the same canned response (or do the logic local side).

 

(Assuming that you have pfSense or equivalent routers.)

 

Or am I barking up a very annoying and complex tree here? (These are the strange ideas that flood my mind in the early morning hours while I am asleep.)

Link to comment
Share on other sites
MWareman Advanced

MWareman

Posted
Posted

Okay, I realize this might be far-fetched. I just placed an order for these sensors and the Tag Manager a few days ago. But from what I have seen, has anyone tried sniffing the packets from the tag manager, getting the contents of the messages it sends to their server and seeing the response? Could that in theory not be redirected to the network module with a DNS redirect in your router? Then have the network module spit back out the same canned response (or do the logic local side).

 

(Assuming that you have pfSense or equivalent routers.)

 

Or am I barking up a very annoying and complex tree here? (These are the strange ideas that flood my mind in the early morning hours while I am asleep.)

It's did try a few months ago. It's SSL - so you cannot see it without doing a DNS redirect to a 'reverse' proxy doing SSL interception - and then hoping they don't do SSL pinning.

 

Personally, if they don't do SSL pinning that's a security vulnerability (since it allows interception, such as you are trying to do). Good security design should ensure lack of success trying to intercept it.

 

That being said - I have not tried for quite a while now. I guess I should... :)

Link to comment
Share on other sites
mwester Advanced

mwester

Posted
Posted

Yep, it's locked down.  But not likely that it's done for security.  Maybe, and if so kudos to them -- but I'm a realist, and I suspect they locked it down specifically so that it COULDN'T be reverse-engineered easily.  It's all about protecting your future ability to capitalize your customer base with cloud services.

Link to comment
Share on other sites
larryllix Advanced

larryllix

Posted
Posted

Yep, it's locked down.  But not likely that it's done for security.  Maybe, and if so kudos to them -- but I'm a realist, and I suspect they locked it down specifically so that it COULDN'T be reverse-engineered easily.  It's all about protecting your future ability to capitalize your customer base with cloud services.

I call that security reasons.  Technology secrets security. :) It's the funny screw head in one corner of the plastic case. It's the lid of the plastic case glued onto the top of the EPROM that tears it apart when you crack the lid open.

 

This comes up more frequently,  now. There are many security levels and purposes.

Link to comment
Share on other sites
ralbright Member

ralbright

Posted
  • Author
Posted

So interesting feature that can be added to a pFsense router.... I can install a program called Squid that will do 'reverse' proxy doing SSL interception. So now I am waiting for the tag manager, and hopefully I can decipher what is being transmitted to and from the cloud for the CAO Wireless tags....

 

If anyone else wants to try, give it a go. More hands the better.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing

    • No registered users viewing this page.

  • Forum Statistics

    • Total Topics
      36.8k
    • Total Posts
      369.9k
×
×
  • Create New...