Author Topic: Why is vera trying to access webservers on my network?  (Read 5109 times)

Offline Richard

  • Sr. Newbie
  • *
  • Posts: 34
  • Karma: +0/-0
Why is vera trying to access webservers on my network?
« on: August 13, 2011, 09:29:04 pm »
My Vera2 has been trying to access the other computers on my network that have webservers.

Why is it doing this?  Is this part of the normal software operation or does it have some sort of worm?
If this is normal, can you please explain which part of the software is doing this and way?

Here are example records from my access logs on a computer that is completely unrelated to my home automation setup:
VERA2IPADDRESS - - [13/Aug/2011:16:29:02 -0400] "GET /CgiTagMenu?page=Top&Language=0 HTTP/1.1" 404 208
VERA2IPADDRESS - - [13/Aug/2011:16:29:02 -0400] "GET /main.cgi?next_file=index_in.htm HTTP/1.1" 404 206
VERA2IPADDRESS - - [13/Aug/2011:16:29:02 -0400] "GET /main.cgi?next_file=index_in.htm HTTP/1.1" 404 206
VERA2IPADDRESS - - [13/Aug/2011:16:29:02 -0400] "GET /top.htm HTTP/1.1" 404 205
VERA2IPADDRESS - - [13/Aug/2011:16:29:02 -0400] "GET /login.htm HTTP/1.1" 404 207
VERA2IPADDRESS - - [13/Aug/2011:16:29:03 -0400] "GET /index.html HTTP/1.1" 404 208
VERA2IPADDRESS - - [13/Aug/2011:16:29:06 -0400] "GET /puckstatus.xml HTTP/1.1" 404 212


Richard

Offline futzle

  • Beta Testers
  • Master Member
  • *****
  • Posts: 3258
  • Karma: +191/-9
Re: Why is vera trying to access webservers on my network?
« Reply #1 on: August 13, 2011, 09:44:17 pm »
It's normal.  Vera is trying to autodiscover devices like IP cameras and Square Connect Pucks on your LAN.

AFAICT Vera listens for UPnP broadcasts on your LAN and attempts to connect to the broadcast hosts' origin using known URLs.  I haven't found a way to disable this behaviour, short of firewalling Vera.

(GPL violation ahead: Vera's DHCP server, dnsmasq, has the script /usr/bin/cmh_PnP hardcoded into it.  Micasaverde hasn't provided patches to the dnsmasq source, as they are required to.  So it may in fact be hard to change this behaviour.)

Offline Henk

  • Hero Member
  • *****
  • Posts: 820
  • Karma: +3/-0
Re: Why is vera trying to access webservers on my network?
« Reply #2 on: August 14, 2011, 02:05:48 am »
UPnP autodiscovery can be deactivated as of version 1245.

After unticking the appropriate box this behavior should stop.
The checkbox can be found at the bottom of the screen when clicking "add / remove device"

unticking the "scan for UPnP devices" should do the trick.

Can you confirm that?!?

Henk
« Last Edit: August 14, 2011, 06:04:02 am by Henk »
| Vera2 @ UI4 1.1.1350 / 3.20 | Vera Lite @ UI5 | Vera 3 @ UI5 | 2x Merten  504519 | 1x Duewi  064374 | 1x Everspring SM103 doorbell mod |1 Y-cam IP cam | various LUUP plugins |

Offline futzle

  • Beta Testers
  • Master Member
  • *****
  • Posts: 3258
  • Karma: +191/-9
Re: Why is vera trying to access webservers on my network?
« Reply #3 on: August 15, 2011, 07:11:12 am »
I have that checkbox off, but cmh_PnP still runs on my Vera.

It looks like Vera is listening in on DHCP requests on the LAN, and using them to get a list of other devices on the LAN.  That's a bit... unwelcome.  I agree that it would be good if I could turn that off without having to hack the cmh_PnP script or making a special firewall rule.

MCV, it's customary to use multicast DNS (zeroconf) for this kind of autoconfiguration.  Using DHCP is IMO not being a good net citizen.

Offline Henk

  • Hero Member
  • *****
  • Posts: 820
  • Karma: +3/-0
Re: Why is vera trying to access webservers on my network?
« Reply #4 on: August 15, 2011, 07:24:16 am »
Again a topic that should be movesd to the security section IMHO.
Will aak an admin to look into that.

As for your remarks @futzle; i could not agree more.
I dont know of this is a case of "convenience programming" or because of limitations from Vera
and / or the UPnP stack, but in its present function it should be cleaned up and use multicast if possible at all.

The way it works now poses all kinds of "unwanted" network traffic and polling.

Henk

I have that checkbox off, but cmh_PnP still runs on my Vera.

It looks like Vera is listening in on DHCP requests on the LAN, and using them to get a list of other devices on the LAN.  That's a bit... unwelcome.  I agree that it would be good if I could turn that off without having to hack the cmh_PnP script or making a special firewall rule.

MCV, it's customary to use multicast DNS (zeroconf) for this kind of autoconfiguration.  Using DHCP is IMO not being a good net citizen.
| Vera2 @ UI4 1.1.1350 / 3.20 | Vera Lite @ UI5 | Vera 3 @ UI5 | 2x Merten  504519 | 1x Duewi  064374 | 1x Everspring SM103 doorbell mod |1 Y-cam IP cam | various LUUP plugins |

Offline Ap15e

  • Beta Testers
  • Hero Member
  • *****
  • Posts: 1998
  • Karma: +12/-0
Re: Why is vera trying to access webservers on my network?
« Reply #5 on: August 15, 2011, 03:43:12 pm »
Vera is interested in the following devices (according to the syslog messages from cmh_pnp):

Code: [Select]
Aug 15 20:25:55 192.168.x.y cmh_pnp[5694]: It isnt a SQ Puck
Aug 15 20:25:55 192.168.x.y cmh_pnp[5694]: It isnt a Panasonic IP Cam with autenthication
Aug 15 20:25:55 192.168.x.y cmh_pnp[5694]: It isnt a Sercomm IP Cam with autenthication
Aug 15 20:25:55 192.168.x.y cmh_pnp[5694]: It isnt a Sercomm IP Cam without autenthication
Aug 15 20:25:55 192.168.x.y cmh_pnp[5694]: It isnt a Dlink Cam
Aug 15 20:25:55 192.168.x.y cmh_pnp[5694]: It isnt a Foscam Cam
Aug 15 20:25:55 192.168.x.y cmh_pnp[5694]: It isnt a gc100