This video was actually meant to show how to set up a bridge on a Linux box, which has many purposes. I just used the TV as a quick and dirty example of how to use it. I didn't realise people would latch right onto that aspect of it. I might do one specifically for that purpose in the future.
I laughed hard when you went back into UA-camr mode to wrap up the video and stopped ranting. But it is ridiculous, and you should show more of it (and dive deeper into what it's doing)
Yep. I had FB show a recommended group to join, from a tv show we accidentally had airing on the tv the other night. Needless to say, the Samsung Smart TV now has it's mic facilities switched off.
"Apt update" doesn't update your software; it updates the latest version numbers to determine which software needs updating. It must be followed with apt upgrade to actually install the latest versions.
Loved your response to what the TV was connecting to. Absolutely ridiculous what it connects to and even worse it sends out identifiers , I agree with you completely ! Thanks 👍
Nice vid, thanks for the share. Didn't think of using the Pi for this. Normally, I do this with my laptop and one of those USB NIC adapters. But, I can see how using the Pi could be useful. Especially, if your laptop runs windows. Linux makes this more robust. Your video also shows the importance of having separate VLANs for your IoT devices. Block 'em from everything and then see what the absolute minimum they need is.
The YT algorithms finally found me another interesting channel. Woot! Cool demo, all new to me so I'll be reading up on those commands. Thanks so much for the idea and demo. Wouldn't it be interesting to see what those home listening devices send back to Amazon and Google eh.
A 5 port tp-link smart switch costs only half of that pi + power supply +case+2x usb/network adapters. Just in case your main purpose is to snoop the device. To show how a bridge is set up on a linux box, the pi is the better choice.
Almost all Chinese "smarthings" call back to home. I bought couple of Mstar based camera modules and they report back to home even i switched off everything in the menus! No biggie just blocking the ports for that ip! Cool vid BTW!
all smartthings are calling home, and its potentionally a good thing in that they get updates. it can also be not so good thing.. who to trust is up to you to decide.
@@nescius2 yes , but it's debatable, i don't want it to call home. The only thing that i can control is when or what to communicate to the outside world , that's why i use Home_Assistant! Of course for a senior citizen or for to non technical person i would recommend Google home, Alexa etc. easy to install devices! No pain, no gain! !The one who cannot invest time to cope with this information hungry world must pay the price! I know sounds cruel but this is the reality!
@@ferencszabo3504, you are not _really_ able to control what it snitches on you neither, as encryption exists. I also would not recommend any of the spy mics sevices to my friends.
@@nescius2 the Wiresharking method + hub is my best bet, otherwise I'm trying to put the lid on the system to communicate little as possible to the outside.
The term "Bridge" was redefined to accommodate language and technological confusion with the role of bridges, switches, routers, and hubs. Essentially, real "Bridges" are used to connect two topologically incompatible networks. I.E. Token Ring and AUI. As these technologies rarely exist anymore an actual "Bridge" is rarely if ever seen. One could consider a router to be a bridge when it essentially converts T-1 to ethernet. But since other functions are taking place, while a bridge may be present within the hardware, it would not be considered a true bridge.
Along those lines, I was waiting for you to mention an AP which has 802.3 on one side and 802.11 on the other. Didn't think I'd read AUI in the comments... that's going back!
@@TallPaulTech I'm interested in capturing outbound router traffic for my home, supplanting the DPI that my Ubiquity does. Apparently my Ubiquity router is also dialing home with MAC tables and other personal info, which I'm disturbed by. When I replace it, I would like to know whats coming and going. Does Wireshark support alternative exporting methods like delimited or .csv, or to a SQL server for using more traditional data analytic tools? Theres a few questions to start. I realize I can google and study all of this as well, but these are the kinds of things I'd be interested in seeing wireshark do. Home LAN/WLAN, at present. Thanks again for the cool/informative content.
And you know that with 5G device and service vendors are going to want to sell you appliances where the internet connection is direct to cloud bypassing your home network entirely and thus also removing any chance at controlling the data leaks going out that way.
"going to" ? They already are. The Tesla Powerwall (and car) is a prime example. It has a 3g sim card in it so it can contact Tesla no matter what. Well, mine doesn't because I ripped the sim card out. But yeah, they'll be trying it.
Thank you for this wonderful video's. I did exactly the same thing and it works great thanks to your tutorial. I tried to bridge between wifi0 and eth1 and it didn't like it. Can you do a video explaining how this would work over wifi?
Do network configuration manually , enter a wrong gateway ip, block tv ip in your router and use that tv for your dlna sources only. Get netflix and all the other from your self configured mediaplayer device.
I frequently find myself doing the same kinds of tasks. The last device i looked at was a Go pro360, i was interested in the web interface and services running on the camera. Give tcpick a try out.... `tcpick -i device -yP -C` Nice color syntax highlight. U can also use the same filter syntax as wireshark. Ip.src==1.2.3.4 || ip.dst==1.2.3.4 Did you see any http traffic? This protocol always catches my eye. It's the easiest to manipulate.
I like to do tcpdumps directly on my router and send it to my workstation over ssh while excluding the ssh traffic to keep it sane and just listen to the lan or wan interface ports. I haven't figured out how to filter packets by the device I'm looking for with tcpdump so I just filter it in wireshark. the result is a ton of packets when I only need like 1-2% of it. XD
If you mean the tcpdump capture filter for devices (same as Wireshark capture filter) then: host x.x.x.x (to filter by IP) ether host xx:xx:xx:xx:xx:xx (to filter by MAC) wlan host xx:xx:xx:xx:xx:xx (for Wi-Fi client capture)
This is a great topic that I am glad you made a video about. I purchased a Samsung "Smart" TV a couple of years ago and was very unhappy when my router reported that it was using more internet than the other devices in my house. That was without using any of its "Smart" functions. I promptly pointed the WiFi to a neighbors house and gave the TV the wrong password so that it stopped connecting to the internet. The internet options of the TV are sparse, something like network selection and password. No options for "forgetting" the network connection. Resetting the TV would work but I already had lots of other setting done. Anyway, I do have a question to ask if you have a thought about it. I have a NAS on my network that has media stored on it. I would like the TV to access my internal network for DLNA but not be allowed access to the internet. In the comments below a Pi-Hole was suggested. I am not sure if this is the best answer for what I want. Any thoughts?
Try putting a Pi in between the TV and your router. Then enable IP forwarding (that will enable you to control the traffic, instead of copying it blindly like a bridge). All traffic will then go through the Pi. If you remove the default gateway route on the Pi and only add a static route for you internal network, the Pi won't be able to route anything from the TV other than requests to your local network. A custom DNS or Pi-hole probably won't be enough, as it will still be able to contact any regular IP (and thus might be able to switch DNS servers, as Chromecasts for example do)
If you just want to stop a host accessing the Internet but still be on the internal network, just manually set its IP but don't give it a default gateway.
Getting a port-mirroring capability isn't terribly expensive these days as for example a Zyxel GS1900-8 8-port managed switch with a Linux/busybox-based firmware costs just $60 on Amazon (a tiny bit more expensive here in Finland) and definitely has this and other traditional managed features (although a cisco-style cli is a bit de-emphasized in favor of the web gui) but in a home-friendly budget (and execution). Might be even cheaper than the RasPi and those two usb-ethernet adapters combined (although you need a computer anyway to run tcpdump). Btw, how much did you pay for the adapters? I have to agree that they are a bit more portable than a managed switch, however tiny housing it got. 🙂
if one usb adapter is connected to the network, then it should get an ip address from dhcp, but how does the other usb adapter get an ip if its connected to the tv? how does the br0 get an ip? when i tried this, i got the error that br0 is not up.
I know 2 years have passed but the bridge and the two adapters in the example don’t need any IP address. The bridge is like a switch operating at layer 2 OSI. The adapters would only needs their own IP address if they were part of a router.
fuck thats scary . . . . how can you still have a smart tv or smart anything and stop this?? i have the box set of the I.T Crowd, guess ill just watch that on DVD for the rest of my life........ not a bad thing
Well, firstly what do you need a 'smart' device for? I mean, if you actually want Netflix, then I guess you're going to have to submit to that service. As for the other traffic, you can block stuff with a firewall. The big problem is people just putting any device on their home network, and for some strange reason which I don't understand, people seem to trust companies, just because they're a company brand. It just blows me away! (ie, Tesla)
Love the vid! Lots of fun can be had sitting in the middle like this. If your just looking to listen, also check out the Throwing Star LAN tap greatscottgadgets.com/throwingstar/
Waste of money getting that dedicated two port USB NIC. If you already have a managed switch, you could VLAN ports to isolate traffic, then mirror the TV's port to a wireshark device of your choosing for analysis. I can understand why you might present the information in this "simpler" format, but anyone doing wireshark packet analysis should be able to understand VLANs and port mirroring.
This video was actually meant to show how to set up a bridge on a Linux box, which has many purposes. I just used the TV as a quick and dirty example of how to use it. I didn't realise people would latch right onto that aspect of it. I might do one specifically for that purpose in the future.
Please do, I'd like to know how to track down what these smart devices are doing and block them on my managed switch.
I laughed hard when you went back into UA-camr mode to wrap up the video and stopped ranting. But it is ridiculous, and you should show more of it (and dive deeper into what it's doing)
Yep. I had FB show a recommended group to join, from a tv show we accidentally had airing on the tv the other night. Needless to say, the Samsung Smart TV now has it's mic facilities switched off.
Probably contacted TCL because it IS a tcl... its probably looking for updates to the firmware.
Perhaps. More likely its telemetry.
Finally a good channel recommendation from YT
"Apt update" doesn't update your software; it updates the latest version numbers to determine which software needs updating. It must be followed with apt upgrade to actually install the latest versions.
Loved your response to what the TV was connecting to. Absolutely ridiculous what it connects to and even worse it sends out identifiers , I agree with you completely ! Thanks 👍
Nice vid, thanks for the share. Didn't think of using the Pi for this. Normally, I do this with my laptop and one of those USB NIC adapters. But, I can see how using the Pi could be useful. Especially, if your laptop runs windows. Linux makes this more robust. Your video also shows the importance of having separate VLANs for your IoT devices. Block 'em from everything and then see what the absolute minimum they need is.
Love your channel! I would assume TCL is the manufacturer of the TV and checking firmware ver
Fascinating work....thank you for a most educational experience
Bridges are helpful. Using it to track the health of my windows machines. But i did mine with openbsd.. Greatly appreciated the video
I'm going to assume you meant bridges
@@TallPaulTech Yes.
I love the last line presumably caught by accident @ 7:32.... f..... me naked. Yes your TV is monitoring you. Awesome video mate!
It was "fuck me dead" actually
The YT algorithms finally found me another interesting channel. Woot! Cool demo, all new to me so I'll be reading up on those commands. Thanks so much for the idea and demo. Wouldn't it be interesting to see what those home listening devices send back to Amazon and Google eh.
Hey mate, glad you're here! I'm on a roll lately and ramping this up. There will be a web site coming soon with more info once I get around to it.
Bridges, ports & raspberry pies, yeah I’m following 😳
(Note to self) monitor toaster, fridge.... excellent heads up m8!!
Thanks! At least someone is out there watch out for us!
Nice video. Would it be possible to that with the eth0 and wlan0? Use case: Transform a cabled printer into a wifi printer.
Most decent smart switches support port monitoring so you can do this without the RaPi.
Much cooler doing it with a RaPi, and not everyone has access to smart switch
Smart Switches, you mean hubs?any older hub will do! Old junk but does the job well
A 5 port tp-link smart switch costs only half of that pi + power supply +case+2x usb/network adapters. Just in case your main purpose is to snoop the device.
To show how a bridge is set up on a linux box, the pi is the better choice.
Almost all Chinese "smarthings" call back to home. I bought couple of Mstar based camera modules and they report back to home even i switched off everything in the menus! No biggie just blocking the ports for that ip! Cool vid BTW!
We know this, but a lot of people in the public don't realise.
all smartthings are calling home, and its potentionally a good thing in that they get updates. it can also be not so good thing.. who to trust is up to you to decide.
@@nescius2 yes , but it's debatable, i don't want it to call home. The only thing that i can control is when or what to communicate to the outside world , that's why i use Home_Assistant! Of course for a senior citizen or for to non technical person i would recommend Google home, Alexa etc. easy to install devices! No pain, no gain! !The one who cannot invest time to cope with this information hungry world must pay the price! I know sounds cruel but this is the reality!
@@ferencszabo3504, you are not _really_ able to control what it snitches on you neither, as encryption exists. I also would not recommend any of the spy mics sevices to my friends.
@@nescius2 the Wiresharking method + hub is my best bet, otherwise I'm trying to put the lid on the system to communicate little as possible to the outside.
The term "Bridge" was redefined to accommodate language and technological confusion with the role of bridges, switches, routers, and hubs. Essentially, real "Bridges" are used to connect two topologically incompatible networks. I.E. Token Ring and AUI. As these technologies rarely exist anymore an actual "Bridge" is rarely if ever seen. One could consider a router to be a bridge when it essentially converts T-1 to ethernet. But since other functions are taking place, while a bridge may be present within the hardware, it would not be considered a true bridge.
Along those lines, I was waiting for you to mention an AP which has 802.3 on one side and 802.11 on the other. Didn't think I'd read AUI in the comments... that's going back!
Thanks for this! Any ideas on stopping the tv sending this information? Maybe something like "notrack" set up on a raspberry pi as DNS filter?
You're looking for Pi-Hole :)
You could have also used an old network HUB (not switch) to do it, right?
This is what the internet should be for. Thanks for your valuable info. I hate IoT and smartShiT.
I'm with you 100% on that!
very usefull. thanks!
Nice vid. Subbed. Would love to see more wireshark/capture analysis
What sort of traffic do you use Wireshark for?
@@TallPaulTech I'm interested in capturing outbound router traffic for my home, supplanting the DPI that my Ubiquity does. Apparently my Ubiquity router is also dialing home with MAC tables and other personal info, which I'm disturbed by. When I replace it, I would like to know whats coming and going.
Does Wireshark support alternative exporting methods like delimited or .csv, or to a SQL server for using more traditional data analytic tools?
Theres a few questions to start. I realize I can google and study all of this as well, but these are the kinds of things I'd be interested in seeing wireshark do. Home LAN/WLAN, at present.
Thanks again for the cool/informative content.
TV Render would be used for DLNA Media Players or Programs like Universal Media Sever, other than that, Time and Date only please, should be a Option
And you know that with 5G device and service vendors are going to want to sell you appliances where the internet connection is direct to cloud bypassing your home network entirely and thus also removing any chance at controlling the data leaks going out that way.
"going to" ? They already are. The Tesla Powerwall (and car) is a prime example. It has a 3g sim card in it so it can contact Tesla no matter what. Well, mine doesn't because I ripped the sim card out. But yeah, they'll be trying it.
So if you had your gaming PC and installed a PCI Express X4 NIC with 2X or more 1000MBS ports, I assume you could do the same thing?
Haha “fuck me dead”
Thank you for this wonderful video's. I did exactly the same thing and it works great thanks to your tutorial. I tried to bridge between wifi0 and eth1 and it didn't like it. Can you do a video explaining how this would work over wifi?
Bit like an amp meter measuring the current usage.
Just FYI, there is no such as an 'amp meter'. The correct name is ammeter, which measures current in amperes. Don't shoot the messenger now ;)
Is this a Model3 in the background?
thanks again
I want my TV to call occupants of interplanetary crafts.
Do network configuration manually , enter a wrong gateway ip, block tv ip in your router and use that tv for your dlna sources only. Get netflix and all the other from your self configured mediaplayer device.
I frequently find myself doing the same kinds of tasks. The last device i looked at was a Go pro360, i was interested in the web interface and services running on the camera.
Give tcpick a try out....
`tcpick -i device -yP -C`
Nice color syntax highlight. U can also use the same filter syntax as wireshark.
Ip.src==1.2.3.4 || ip.dst==1.2.3.4
Did you see any http traffic? This protocol always catches my eye. It's the easiest to manipulate.
Scary stuff. Still haven’t connected my Samsung SmartTV to the network because of stuff like this.
I like to do tcpdumps directly on my router and send it to my workstation over ssh while excluding the ssh traffic to keep it sane and just listen to the lan or wan interface ports. I haven't figured out how to filter packets by the device I'm looking for with tcpdump so I just filter it in wireshark. the result is a ton of packets when I only need like 1-2% of it. XD
If you mean the tcpdump capture filter for devices (same as Wireshark capture filter) then:
host x.x.x.x (to filter by IP)
ether host xx:xx:xx:xx:xx:xx (to filter by MAC)
wlan host xx:xx:xx:xx:xx:xx (for Wi-Fi client capture)
Btw, can you show us what type.of standing desk you are using it looks like a DIY.
It looks like a set of pallet shelves available from the hardware store, nothing more. Probably from Bunnings.
I wonder what I will catch when I use this in one of my chinese webcams!
Be sure to share your findings
Cool!
Hi what make are the USB network adapters , Love your channel
They're just generic cheap adapters. Even though the OUI is 00:00:00 I'm quite sure they're not made by Xerox!
Wow I wanna see what my TV does behind closed doors.
It might scare you!
@@TallPaulTech Your probably right. My TV is Sony one of the biggest Illuminati companies.
Interesting demo. Next question, can a filter be setup to block some IP addresses to stop some of this?
pihole!
I do this now. I block the Samsung ad servers. They constantly bombard me with their ideas on what I should be buying.
This is a great topic that I am glad you made a video about. I purchased a Samsung "Smart" TV a couple of years ago and was very unhappy when my router reported that it was using more internet than the other devices in my house. That was without using any of its "Smart" functions. I promptly pointed the WiFi to a neighbors house and gave the TV the wrong password so that it stopped connecting to the internet. The internet options of the TV are sparse, something like network selection and password. No options for "forgetting" the network connection. Resetting the TV would work but I already had lots of other setting done. Anyway, I do have a question to ask if you have a thought about it. I have a NAS on my network that has media stored on it. I would like the TV to access my internal network for DLNA but not be allowed access to the internet. In the comments below a Pi-Hole was suggested. I am not sure if this is the best answer for what I want. Any thoughts?
Try putting a Pi in between the TV and your router. Then enable IP forwarding (that will enable you to control the traffic, instead of copying it blindly like a bridge). All traffic will then go through the Pi. If you remove the default gateway route on the Pi and only add a static route for you internal network, the Pi won't be able to route anything from the TV other than requests to your local network. A custom DNS or Pi-hole probably won't be enough, as it will still be able to contact any regular IP (and thus might be able to switch DNS servers, as Chromecasts for example do)
If you just want to stop a host accessing the Internet but still be on the internal network, just manually set its IP but don't give it a default gateway.
I have all my smart devices in a VLan and I prevent that Vlan to go out to the internet to do that sort of crazy stuff. A few exceptions only
That's what I like to hear.
Nice project, but Why not just use port-mirror on the switch?
Only high end switches have port mirror capability. Generic home stuff doesn't.
Besides that, this is easy to carry around with a laptop... making it a nice cheap portable sniffer.
Getting a port-mirroring capability isn't terribly expensive these days as for example a Zyxel GS1900-8 8-port managed switch with a Linux/busybox-based firmware costs just $60 on Amazon (a tiny bit more expensive here in Finland) and definitely has this and other traditional managed features (although a cisco-style cli is a bit de-emphasized in favor of the web gui) but in a home-friendly budget (and execution). Might be even cheaper than the RasPi and those two usb-ethernet adapters combined (although you need a computer anyway to run tcpdump). Btw, how much did you pay for the adapters? I have to agree that they are a bit more portable than a managed switch, however tiny housing it got. 🙂
Can you use this with a custom WiFi network with hostapd or so?
What is that tool you are using to monitor tge trafic ?
WireShark is free and king. It supports BPF and software filtering also.
tcpdump should be available in your preferred linux distributions repository.
Is that displayed on the TV LibreNMS?
Indeed it is.
I monitor network activity with pihole. I’ve blocked multiple .gov address.
if one usb adapter is connected to the network, then it should get an ip address from dhcp, but how does the other usb adapter get an ip if its connected to the tv?
how does the br0 get an ip?
when i tried this, i got the error that br0 is not up.
I know 2 years have passed but the bridge and the two adapters in the example don’t need any IP address. The bridge is like a switch operating at layer 2 OSI. The adapters would only needs their own IP address if they were part of a router.
Loving the these raspberry pi videos btw what type of poe adaptors are you using ?
Thanks mate. Those adapters were whatever the first thing that popped up on ebay a few years ago when I bought them.
fuck thats scary . . . . how can you still have a smart tv or smart anything and stop this??
i have the box set of the I.T Crowd, guess ill just watch that on DVD for the rest of my life........ not a bad thing
Well, firstly what do you need a 'smart' device for? I mean, if you actually want Netflix, then I guess you're going to have to submit to that service. As for the other traffic, you can block stuff with a firewall.
The big problem is people just putting any device on their home network, and for some strange reason which I don't understand, people seem to trust companies, just because they're a company brand. It just blows me away! (ie, Tesla)
regards
Cheers
well.. the tv is probably made in china
Or you could just use a Plunder Bug from @Hak5
yes but their videos are cringe
First thing the TV did was contact china 😐
Well yeah, the TV has to update itself especially when that TV brand is a Chinese brand, but still I have my LG TV on a separate IOT VLAN anyway
First thing tv contacts China?!?
I wonder why he didn't care about Alexa and Netflix but care about Chinese websites. Anyway something should be first. China number one
Alexa! Play 小一点
I can do that on pc with the proper nic
same
Love the vid! Lots of fun can be had sitting in the middle like this. If your just looking to listen, also check out the Throwing Star LAN tap greatscottgadgets.com/throwingstar/
You mean like the one I used in this video? ua-cam.com/video/OPSfqB2BU60/v-deo.html
;)
Ye surely Apt-get update gonna "update" your Debian
Waste of money getting that dedicated two port USB NIC. If you already have a managed switch, you could VLAN ports to isolate traffic, then mirror the TV's port to a wireshark device of your choosing for analysis. I can understand why you might present the information in this "simpler" format, but anyone doing wireshark packet analysis should be able to understand VLANs and port mirroring.