|
Smart Home firewall
Profile-based Smart Home firewall
|
-lan More...
Functions | |
| def | main () |
| FUNCTIONS ###. | |
Variables | |
| string | mac_src = "50:c7:bf:ed:0a:54" |
| GLOBAL VARIABLES ###. | |
| string | mac_dst = "c0:56:27:73:46:0b" |
| string | ip_src = "192.168.1.135" |
| string | ip_dst = "192.168.1.1" |
| int | port_dst = 53 |
| string | qname = "example.com" |
| string | eth_broadcast = "ff:ff:ff:ff:ff:ff" |
| GLOBAL VARIABLES ###. | |
| string | sha = "3c:cd:5d:a2:a9:d7" |
| string | tha = "00:00:00:00:00:00" |
| string | spa = "192.168.1.222" |
| string | tpa = "192.168.1.135" |
-lan
-wan
Attack towards the `turn-on-upon-motion-phone-tcp` policy of the TP-Link smart plug.
Send unwanted packets having the following signature:
- Source MAC address: 3c:cd:5d:a2:a9:d7 (phone MAC address)
- Destination MAC address: 50:c7:bf:ed:0a:54 (TP-Link smart plug MAC address)
- Source IPv4 address: 192.168.1.222 (phone IPv4 address)
- Destination IPv4 address: 192.168.1.135 (TP-Link smart plug IPv4 address)
- Destination TCP port: 9999
Any attack packet will be blocked, as the prerequisite door state update pattern
has not been seen beforehand.
Attack towards the `turn-on-upon-motion-cloud` policy of the TP-Link smart plug.
Send unwanted packets having the following signature:
- Source MAC address: c0:56:27:73:46:0b (gateway MAC address)
- Destination MAC address: 50:c7:bf:ed:0a:54 (TP-Link smart plug MAC address)
- Source IPv4 address: TP-Link cloud server IPv4 address
- Destination IPv4 address: 192.168.1.135 (TP-Link smart plug IPv4 address)
- Destination TCP port: 443 (HTTPS port)
All packets should be blocked, as the prerequisite door state update pattern
has not been seen beforehand.
Attack towards the `dns-query-plug-use1-api` policy of the TP-Link smart plug.
Issue DNS queries for an unwanted domain name.
Packets have the following signature:
- Source MAC address: 50:c7:bf:ed:0a:54 (TP-Link smart plug MAC address)
- Destination MAC address: c0:56:27:73:46:0b (gateway MAC address)
- Source IPv4 address: 192.168.1.135 (TP-Link smart plug IPv4 address)
- Destination IPv4 address: 192.168.1.1 (gateway IPv4 address)
- Destination UDP port: 53 (DNS port)
All packets should be blocked.
Attack towards the `arp-plug-phone` policy of the TP-Link smart plug.
Issue ARP requests toward the smart plug with a rate higher than allowed.
Packets have the following signature:
- Sender MAC address: 3c:cd:5d:a2:a9:d7 (phone MAC address)
- Target MAC address: 00:00:00:00:00:00 (default MAC address)
- Sender IPv4 address: 192.168.1.222 (phone IPv4 address)
- Target IPv4 address: 192.168.1.135 (TP-Link smart plug IPv4 address)
Packets should be blocked when they exceed the allowed rate of 1 packet per second.