Git Product home page Git Product logo

iot-stuff's Introduction

iot-stuff

Internet of Things lol

iotables.py

IoTables analyzes packets captured from a device and tries to generate relevant iptables rules. The goal is to assist in properly isolating IoT devices on a network.

Usage: iotables.py [OPTIONS] <PCAP FILE...>
OPTIONS
 -d <NAME>, --device <NAME>
       Name for the device from which the pcap originated; e.g. Nest, Sonos, etc

 -o <PREFIX>, --output <PREFIX>
       Prefix for file names created with result output. Defaults to device name.

Example: python iotables.py -d Sonos -o sonos5 /tmp/sonos*.pcap

Note about MAC addresses

IoTables makes a best guess for the target device's MAC address based on the most frequently seen MAC that is not one of the whitelisted MACs. This should reveal the target device MAC but actual results have been inconsistent. If you want to be certain, bring down the internet-facing interface and associate the target device to the AP. The only non-broadcast MACs should be the WLAN interface and the target device.

iot-stuff's People

Contributors

int0x80 avatar

Stargazers

Pradyumna Joshi avatar Minh-Triet Pham Tran avatar paranoid soul avatar Frederico Mariano de Almeida Marques avatar moshe malka avatar Konrad W. avatar

Watchers

Minh-Triet Pham Tran avatar avatar avatar

Forkers

paran0ids0ul jharpole

iot-stuff's Issues

Add option to write result output to separate files

Currently all results are written to stdout in a manner that does not facilitate ingestion by other processes. Saving results to a file would make them parseable in a programmatic fashion. This should also include the addition of command line options:

  • -d for the device name
  • -p for the output file prefix

Example run might look something like:

$ python iotables.py -d Nest -p thermostat nest-*.pcap
[+] Created:
thermostat-dns.txt
thermostat-transmissions.txt
thermostat-iptables.txt

Add file globbing to iotables.py

A bug exists somewhere that prevents iotables.py from processing large pcaps. One workaround has been to rotate the pcaps frequently.

iotnetworklab:~ $ sudo tcpdump -n -s 0 -G 600 -w "nest-%s.pcap"

This results in many pcaps needing analysis, but iotables.py only processes one pcap at a time. Add file globbing so that all pcaps can be processed in one go.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.