I have an Arduino Uno and an Ethernet Shield hosting a home automation webpage, that has buttons to operate relays etc.
It has no security but I have a Dynamic DNS that nobody knows and it's port forwarded to a random and unused port number.
Other sources/forum posts have said it is enough to stop anyone finding it however it gets connected to somehow at random times through the day or night and then, who ever it is, presses all the buttons to see if something happens.
All of the Arduino Web servers with passwords haven't worked for me (Taking up too much space in the memory or just not working altogether)
So I was wondering whether it's possible to log who has connected, maybe to the micro SD card slot on the shield or just into memory?
Alternately is there a simple way to restrict who can access it that doesn't require a massive amount of code?
If you are using the W5100 chip and standard Arduino ethernet libraries then you can update the libraries to determine the IP address of any ethernet port connection. From there you may be able to determine the source of the problem.
If you can get IP addresses you can just ignore all ethernet port connections that are not coming from your normal (presumably local) range of IP addresses.
Thanks, how would I record IPs and where should the Arduino save them?
The unknown connections come from external IPs but it would mean I would know how often and when someone accesses it also, it would show their imprecise location.
Also can a Arduino be used with Basic access authentication
CatweazleNZ:
If you are using the W5100 chip and standard Arduino ethernet libraries then you can update the libraries to determine the IP address of any ethernet port connection.
Mazeratti:
however it gets connected to somehow at random times through the day or night and then, who ever it is, presses all the buttons to see if something happens.
If you are using GET request it could just be a robot crawling your page. Any luck finding out who did it?
I think I have seen it being done somewhere, but I can't remember where. Basic Auth is not encrypted so as long as you are OK with that and can access the header on the Arduino it should be a fairly simple project. However, you must be able to decode from Base64, which might take up some space in your code.
Lots of folks have set up a linux box as a firewall and then they are horrified to discover hundreds (or more) of probes trying all the various ports on their network. Many of those come from SE Asia or Russia, but you would be astounded at the number of continuous probes out there that are always poking at various IP addresses looking for something to hack into. Welcome to the internet :o Your home router (you do have one don't you???) blocks most of that stuff and people never see it (and don't realize just how bad it is). When you turn on port forwarding, you have just opened a hole into your network for them to find.
gpsmikey:
Lots of folks have set up a linux box as a firewall and then they are horrified to discover hundreds (or more) of probes trying all the various ports on their network. Many of those come from SE Asia or Russia, but you would be astounded at the number of continuous probes out there that are always poking at various IP addresses looking for something to hack into. Welcome to the internet :o Your home router (you do have one don't you???) blocks most of that stuff and people never see it (and don't realize just how bad it is). When you turn on port forwarding, you have just opened a hole into your network for them to find.
That's very true, trying to hide is nothing but a terrible advice when it comes to internet security. If it's online, people will find it. And if you are using GET-requests to set stuff in your app, just crawling your page will cause problem.