Is there a way to programmatically reach into the BIOS and turn on the Wake on LAN capability for those machines that support it?
Ideally, the solution would be cross-BIOS, but hitting each of the major vendors with separate solutions would be okay, too.
BIOS configuration is something that the OS intentionally limits to avoid virus problems (lots of bios viruses back in the day!).
You need to look at the system management interface to see if it's available generally. You'll probably need to work in ring0 in windows (or root/kernel in linux). Additionally, you'll likely need to learn how to do this accessing the hardware directly, learning and keeping a database of the most common BIOS manufacturers and types, and even then won't be able to cover all of them.
SMBIOS might help?
I know we had a utility to read the BIOS from a regular windoze program once, at my previous job.
I think you're going to find that Wake on LAN is a CMOS Setup option, and so not programmable via hardware-agnostic OS interfaces.
Dell Inc. provides customers the OpenManage suite of utilities for remotely manipulating Setup settings on its client machines. Some links:
Dell OpenManage
Wikipedia article
There are several steps on enabling Wake on LAN. First it must be enabled in BIOS and second it must be enabled on the network card itself.
In Windows, you can find the settings under the advanced options dialog box for your network adapter. For Linux, you can use ethtool command.
Use ethtool eth0 to display current status for eth0 interface:
Settings for eth0:
Wake-on: g
Use ethtool -s eth0 wol XYZ to set the option, but remember that not all cards support all WoL methods and that some cards do remember the settings upon reboot, but others do not (then you need to add this command to your startup scripts).
wol p|u|m|b|a|g|s|d...
Sets Wake-on-LAN options. Not all devices support this. The argument to this option is a string of
characters specifying which options to enable.
p Wake on phy activity
u Wake on unicast messages
m Wake on multicast messages
b Wake on broadcast messages
a Wake on ARP
g Wake on MagicPacket(tm)
s Enable SecureOn(tm) password for MagicPacket(tm)
d Disable (wake on nothing). This option clears all previous options.
Related
My employer has asked me to prepare for testing several thousand Chromebooks (mix of models/manufacturers) to refurb/flip. This may be a recurring thing.
Most or all of these will be old enough that CCD will not be available. I'd like to connect a widget such as a Raspberry Pi to the USB and have it automate testing as much as possible.
I know I can use keyboard emulation to inject commands, but I'd like to get a crosh session running over USB so that I can read info from the DUT besides just controlling it.
Google shows bazillions of returns about using a Chromebook as an ssh terminal but what I'm looking for is the opposite. I'm prepared for the answer to be a simple "no" but I'm concerned because I can't find that anyone else has asked this question. I don't think I'm that creative, so I suspect my Goog-fu is weak.
The answer appears to be "no". However I solved it another way; using "gadget mode" I have a Raspberry Pi ZW enumerate as a keyboard and a serial port. I put the Chromebook into Developer mode, open a developer shell with ctrl/alt/F2, or on a PC/linux or Mac system open a terminal window and type "sudo su" (these have to be done manually). Then I have the RPi issue this bash command to identify the serial port "in the blind":
SERPORT=/dev/serial/by-id/$(ls /dev/serial/by-id) # Chromebook or PC/linux
(or)
SERPORT=$(ls /dev/cu.usbmodem*) # Mac
Now I can have the RPi inject commands via the keyboard, put ">$SERPORT" on the end of each command, and the output comes in the RPi gadget serial port. The RPi then packages the data and forwards it over WiFi to our CRM. It's working nicely for Chromebooks, PCs booted into linux, Mac desktops and Macbooks.
Edit:
The company I work for has actually turned this into a product and so I'm not sure how much detail I should share, but...
I learned my way around gadget mode on the RPi from this link. There are examples for setting up a keyboard and a serial port. Using the templates in that link, I made a device called /dev/hidg0 which emits keyboard scancodes from the RPi to the Chromebook. I also made a device called /dev/ttyGS0 which the Chromebook sees as a serial port.
So I send keystrokes with some python like:
with open("/dev/hidg0","bw") as hid:
hid.write(blah)
and then have the Chromebook send text to the serial port, which I then read by looking at /dev/ttyGS0
Hopefully this will be enough to get you started. I found the isticktoit link very helpful.
I'm running Arch Linux and the Bluez libraries on my computer, and I'm trying to connect to an iPad [w/ Retina] over BLE. I can see the iPad in bluetoothctl, pair it, trust it, and connect to it. My question is in two parts:
1) I want to be able to select the attributes, more specifically for the MAP service. However, running
list-attributes
either during or outside of the connection returns no information.
2) My iPad cannot see the computer like it can see the iPad, either through the Settings --> Bluetooth menu or the CBCentralManager in an app that I'm developing. My computer is set to be discoverable and pairable forever, but it just doesn't find it.
How would I be able to connect to the iPad appropriately, if there even is a way?
Disclaimer to anyone using BlueZ user space tools:
OP mentioned in the comments that he utilized hcitool. It's best not to use hciconfig nor hcitool as these are in the process of
being phased out of BlueZ and have been unmaintained for a very long
time. They are prone to errors and the raw calls these programs make are blocking and cause interference with other Bluetooth applications.
BlueZ publishes some methods in order for users to use its Bluetooth (LE) functionality for applications or tasks: DBus and a lower-level approach. Programs included in the BlueZ user space package include bluetoothctl, which uses DBus for bluetooth related tasks, such as scanning, advertising and GATT. Tools like btmgmt, which can be considered a maintained version of hcitool, use the lower level libraries. BlueZ recommends using the DBus API for applications. Be sure to have compiled the source code and have followed the recommended instructions to use the mentioned tools. Also always check the licensing on mentioned tools and source files as some can not be included in proprietary software.
DBus-less solution:
If using bluetoothctl or DBus doesn't work out for you, I would suggest you use btmgmt. It can be found in the /tools folder of the user space source code.
If you're looking for or wanting to include GATT-related tasks, you can use btgatt-client to act as a GATT Client or btgatt-server to act as a GATT server from that same /tools folder.
These do not use DBus, nor the corresponding Bluetooth Daemon (bluetoothd) like bluetoothctl does
DBus solution:
What is most likely the cause of you not seeing services using bluetoothctl, however, is that you are not running the aforementioned bluetooth daemon with the -E flag (experimental). Currently, all GATT-related functionality is only usable when running in this experimental mode. (They're working to get it out of experimental-only mode) I think because it's still being developed. If I recall correctly BlueZ can also be configured/installed in this experimental mode, so that no manual actions are required.
To restart the BlueZ Daemon (bluetoothd) with GATT enabled run:
sudo service bluetooth stop && bluetoothd -E
In most cases, when stopping the bluetooth service, your bluetooth controller will power down and bluetoothctl won't respond to user input/freezes on startup. If this is indeed the case, use btmgmt and issue a power on to power the bluetooth controller again.
To VIEW the MAP service attributes, use list-attributes to view them. Ensure proper spelling. To SELECT the MAP service, you need to list-attributes then select-attributes, in that order.
It sounds like your ipad is having a problem. Perhaps try turning it off and on again. Make sure you have bluetooth enabled!
There is always a way!
I need to slow down (simulate bad) internet connection, I found some documentation where it was achieved by "ipfw pipe" command , the thing is that in latest MAC OS versions , ipfw was deprecated (and removed)...
I was wondering if there are any alternative to the ipfw API ?
Does anyone know how latest Network Link Conditioner achieves it?
The original previous way which enabled to slow down an internet connection :
sudo ipfw pipe 1 config bw 56Kbit/s delay 200 plr 0.2
and to clear the pipe :
sudo ipfw delete 1
Thanks.
I don't know much about Mac OS (I use Linux myself), but I'll give this a shot.
A bunch of digging established that ipfw seems unavailable, as you say.
I was also unable to find a way to use the Network Link Conditioner from the command line. Everything should be usable from the command line, so that's stupid.
One work around would be to try to access the NLC from within AppleScript. The following will get you started on toggling the NLC:
property thePane : "com.apple.Network-Link-Conditioner"
tell application "System Preferences"
activate
set the current pane to pane id thePane
--delay 2
end tell
---
tell application "System Events"
tell application process "System Preferences"
try
click ((checkboxes of window "Network Link Conditioner") whose description is "enable switch")
on error
click ((checkboxes of window "Network Link Conditioner") whose description is "enable switch")
end try
end tell
end tell
I think that you can run a script from the terminal with osascript <SCRIPT>.
As an alternative, Charles Proxy is a pay-to-use program that can be used to perform throttling, provided you can convince the software you are testing to connect to the proxy's port rather than directly to the internet. Maybe there are free proxy solutions out there somewhere?
Perhaps Squid would work in that regard. SquidMan seems to be an easy-ish way to install it for Mac. It looks as though DelayPools and or Client Bandwidth Limits might be useful for simulating a low speed connection, though I can't find evidence of people having used them for such.
I found several solutions that might work. They come from some old threads, but they might help:
How to simulate slow internet connections on the mac
Apple has made a very handy official tool to slow down the network connections on you Mac for testing purposes.
The Network Link Conditioner preference is a free download from within Xcode (for Lion and later OS). Additionally, iOS has similar function accessible from within Xcode and iOS 6 or later.
How do I simulate a bad Wi-Fi connection on my iPad?
There are a few ways you can do this, depending on your situation:
Move further away from your router. While this may seem a bit obvious, I realize that it isn't always possible while testing/debugging (for example, if you are working on a desktop computer).
Put aluminum foil around the router and/or antenna. This will (partially) block some or all of the radio signals by creating a makeshift Faraday cage. The results you get will depend on the strength of your router signal, distance from the router, and other environmental factors.
Set your router's wireless signal power to a lower setting. The method for doing this is different for each router, so you will have to look at the user guide for instructions on how to do this.
Slow down internet for iOS simulator
You can set the network to slow characteristic by testing on devices. Go to Settings -> Developer Settings -> Network Link Conditioner -> Enable. This is for iPhone/iPad running iOS 6
I don't know if the last one you can still do.
I've used many methods in the past for slowing down network connections, among them:
performing a parallel download of some massive Linux ISO file;
physically pulling out the Ethernet cable (at one point, I actually toyed with the idea of building a push-button device that would sit between two cat5 cables and do this without having to physically disconnect the whole cable).
using ifconfig eth0 down ; sleep 1 ; ifconfig eth0 up.
Hopefully one or more of those methods will help.
If you're looking to slow down your network connection because you're doing testing/profiling work, one option is to get a specific device that can create network latency/noise.
For example Apposite Tech's mini2 WAN emulator allows you to change values for bandwidth and packet loss. You can roll your own device too using something like: http://wanem.sourceforge.net/ . It just depends on your needs, time and budget.
I want to create a network intrusion detection system for iOS application. The main function is to allow the user to select a home network (maybe prompt them to simply enter the IP address only) and to be able to monitor the packets and if there is anything suspicious- we need to alert user via push notification or email. i wanted to use the features and functions of Snort, an open source network intrusion detection system.
Any Suggestions,Sample code ?! Where to start?
VM's do not have native hardware access, which is necessary for monitor mode. Maybe IOMMU PCI passthrough or bridged devices might work. It is probable that it is possible to compile the iOS kernel with a module that works for the wireless nic. I don't think it's a proprietary chip specific to apple, because a chip with multie technology capabilities in RF wouldn't be cost effective qt all. I'm just not sure if the filesystem blocks access in the OS framework or whatever. I have tried to compile linux/iOS ARM packages natively in the shell with the aircrack-ng source, but have not had any luck. Maybe someone would have better luck actually cross-compiling a package and sideloading it somehow.
I don't think this is possible for multiple reasons:
You wouldn't be able to compile snort for iOS.
In order to run snort you have to have the interface (NIC) in promiscuous mode, which I really don't think you can do on an iOS device (iPhone, iPad, etc) but I have never really looked into it, but Apple probably locks this down and restricts this for security purposes so if you could do it you'd likely have to jail-break the device first. It's not even possible to put the wifi card in an Apple laptop into monitor mode, which is similar.
There are a lot of dependencies for snort, most importantly the DAQ. You would probably only be able to monitor the wifi interface (even this might not be possible), not the interface used for the cellular network as this is probably a different daq than standard Ethernet nics.
This very likely is not possible on iOS, if it is it would be VERY difficult to pull off and even if you did the use case isn't really good. Even if you could get a daq for the cellular card, I don't know if promiscuous mode even exists and if it did all of the traffic on the cellular network is encrypted, so inspecting this with snort would be pointless. If you could do it for the wifi traffic it's probably not worth the effort honestly, especially since almost all traffic nowadays is encrypted, you'd have to decrypt it first, which certainly isn't possible to do.
In the view of Johnjg12's comments, I am wondering about your goal. If you want to make a NIDS, you can make it OS independent, anyway. If you want to consider only HIDS that monitors packet destined to it, we don't need it to be in promiscuous mode (a comment to Johgj12's response). so, now it is something to do with Snort on iOS. I am wondering if we can do it on a VM and then turning its promiscuous mode? Having said that I came across a link: https://www.securemac.com/macosxsnort.php
in my college lab all the PCs are connected via LAN by L2 switch. i want to capture the http data packets by wireshark but it is only showing the interface of my own PC. so how can i capture the packets of other PCs.
can somebody tell me working of wireshark?
It is in the nature of switches that you will only see either broadcast packets or traffic that has your MAC address as a destination, that is one of the crucial differences between a switch and a hub.
It is possible for most switches to be configured to copy traffic from one port to another, this is commonly done for monitoring purposes, but that has to be done via administrative access to the device.
You can manipulate the switch's behavior by means of ARP-Spoofing. But be cautious! Doing so might be seen as a criminal act.
So be sure that you're allowed to do so in the lab, sometimes that's OK if it serves the educational purpose. Ask your supervisor or the school's administrator.
My weapon of choice for such things is Ettercap.
A far less intrusive approach would be to use one of your own switches and configure it to forward all traffic. Then you can connect one port as an uplink to the lab's switch, one port to the device under test and one port to your machine running wireshark. (I would recommend using tcpdump for capturing, though.) If you don't have a manageable switch at hand, you can also use a router running OpenWRT.