Simplelan projects

MORA99

Senior Member
So what projects are on their way ? :)

I have made a Ethernet controlled relay box,so I can control all the routers and stuff in the closet, and a led controller on its way.

Other ideas.
Temperature readings ofcause
Remote LCD? fairly useless probaly
Serial2Ethernet maybe

I was thinking of copying another project I did with a more expensive chip, but in the end it will just be for the project (graphs, sms/email alarm, based on ds18b20 sensors)
-biggest problem would be transfering the data to the client, since its too much to fit on simplelan even with all variables, so it would be udp sending or something.

Any bright ideas how we can protect the webpages if we put the little thing on a network where the webpage can be seen from the outside ?
Any javascript solution is insecure I guess, flash/java is a bit heavy.


Well shoot
 

hippy

Senior Member
Any bright ideas how we can protect the webpages if we put the little thing on a network where the webpage can be seen from the outside ?
Any javascript solution is insecure I guess, flash/java is a bit heavy.
Present the user with a javascript driven page which presents a text box to fill in, and when that's done and Submit is fired, vector off to the page name they typed in. That means they have to know the name of the page to go to, which doesn't have to be easy to guess. A robots.txt file or <meta> tag will keep search engines away from spidering the site and revealing the names of pages you are protecting.

To ramp up security, you can provide a set of text boxes in which a security code is entered ( ala Windows Registration Code ). You don't need to do much with it, just sum up the character values using a checksum algorithm and check some part of the value matches. Even if the encryption algorithm is in the HTML file, it is then applied to the filename so they have to (1) know a valid code to get through checksumming, (2) know the encrypted name of the page.

You can also use cookies so returning visitors who have passed validation once never need to again. You can also use cookies so the checksum entry and the page vectoring are done on separate pages.

It's a very lightweight means of protecting a page, and enough to deter most people who may accidentally wander across the link to the page.
 

lbenson

Senior Member
MORA99,

Are the web pages themselves at risk? I'm not entirely familiar with the module (got it working with an 18X to read 4 temperature sensors, and send email and UDP and update web page variables), but I thought that the html pages could only be downloaded to the SimpleLan by a PC running the avcomtec software on the local network. A router with a firewall should prevent outsiders from accessing the SimpleLan module in that fashion--they should see only the web page which the router has been configured to proved access to. (I may be missing a lot here, since my grasp on network security is rudimentary.)

Among other uses I'm thinking of the SimpleLan module as essentially providing a video output for the picaxe. For instance, I'd like to set up several circuits on batteries and time how long it takes for the batteries to run down. A 28X1 could monitor a number of projects, maybe hot-pluggable, and display results without the need for a PC always to be on. With a properly set up web page, a picaxe could display its registers and so help with debugging difficult problems.

One security problem exists if the outside access to the web page is allowed to provide inputs which are used to control things. One possibility is to provide password access to the update form, and to make the trigger of that form invisible. As with many secure systems, a certain number of failed password attempts could inactivate the feature for a period, and cause an alarm message to be sent.

It appears to me that entire two-way security and monitoring systems could be built using this type of device, and I'm confident that in a year or two they will be.

You mention SMS--are you controlling a cell phone? If so, can you provide details?
 

MORA99

Senior Member
I dont think the simplelan is at risk, since you also need the user/pass to change the webfiles.

If PICAXE could control the pages it could make a pretty good security, but I dont think it can, the pages are always there, but the javascript filename could work, atleast to take anyone just finding the page by luck.

I have a sms-gateway agreement on my server, which my temperature monitor simply asks to send a message, so no mobile phone involved.
 

steliosm

Senior Member
Well, if you would like to have access to the SimpleLan Web interface from the Internet I would propose the use of a VPN. Also, what hippy proposed (using non-common - index.htm- filenames) is pretty much secured, since the change for someone to find your filename is pretty small.
More advance options exist, such as using a real WebServer and 'hide' the simpleLan behind it using a technic known as ReverseProxy.
 
Top