Monitor login attempts on your home WiFi

Coming and Going

Listing 4 then stores all the discovered MAC addresses in the persistent hash, %leases and maps them to the matching IP addresses and device names. It thus knows which devices existed on the previous run, and which have just been added since then. Line 27 then adds the new entries to the hash's persistent memory, and line 28 fires off the events defined in lines 42-57 with notify().

A similar script branch handles devices that existed in the previous run and which thus exist in %leases but are now missing in the current run. The volatile %found hash stores these. If a discrepancy is discovered, line 34 then sends a message stating that the device has disappeared.

The notify() function basically looks like the test script introduced in Listing 2. It uses the Prowl API key stored in $API_KEY at the start of the script and only adds the application name, the event type (joined or left), and the description, while it leaves the URL field empty.

Because my low-budget hosting service does not allow root access, I installed the CPAN modules required by the script locally in the home directory below perl5; cpanm does this automatically if it notices that it cannot manipulate /usr/lib because it is lacking the necessary permissions. But for the script to find the modules installed there, line 3 in Listing 4 needs to add this path explicitly using use lib.

No Invasion – Yet

It was very reassuring to see that the script only discovered known devices on my WiFi during the beta testing phase, but at least now I am perfectly prepared for a full-scale over-the-air attack. Another thing I noticed is that some devices suddenly connect to the WiFi network in the middle of the night, even though they are switched off and lying somewhere in the corner of the room, one example being my Kindle Paperwhite ebook reader, most likely checking for available software updates.

It would be fairly easy to improve the script to know which MAC address belonged to which device, which you could easily handle using a hash in lease-notify. The text messages would then use device names designed to reflect the situation on the home network, which would make them much easier to understand when received.

Acknowledgment

I thank my co-worker Tristan Horn, whose idea it was to display devices joining and leaving the home network on a phone, and he also wrote an application for this purpose that integrates the whole enchilada in a far more professional UniFi system [3].

Mike Schilli

Mike Schilli works as a software engineer in the San Francisco Bay Area. He can be contacted at mailto:mschilli@perlmeister.com. Mike's homepage can be found at http://perlmeister.com.

Infos

  1. Listings for this article: ftp://ftp.linux-magazine.com/pub/listings/magazine/186
  2. Prowl: http://www.prowlapp.com
  3. Connecting push notifications with a UniFi system: https://tris.net/software/unifi-logreader\

« Previous 1 2 3

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News

Tag Cloud

Administration Community Events Hardware Linux Linux Pro Magazine Mobile Programming Security Software Ubuntu Web Development Windows free software open source