Web Server Packed into RJ45 Connector

VinceTronics writes "Electronic Design magazine has a review (.pdf) of the XPort by Lantronix, a product that packs an entire web server into the volume of an RJ45 connector! This includes an 80186 controller, an OS, the TCP/IP stack, a 10/100 Ethernet transceiver, and the LAN interface magnetics. Downside is that the serial interface to the controller tops out at 300 kbps, but for $33 (in 10K quantities) it's a cool, easy way to net-enable just about anything."

Re:I'm wondering

[amorsen]

Ok, imagine your company makes sensors that output their results via RS-232 serial. Or controllers that are given commands via RS-232 serial. Or maybe you have machinery that is programmed through RS-232 serial. Either way, your would like to access those products remotely, and RS-232 just doesn't go very far. Add this thing, and suddenly your products are web-enabled.

The price is a bit high still, but there is a lot of equipment where $33 extra a unit would not scare customers away.

big hairy deal

[Lumpy]

the Siteplayer is bigger but does more and is easily afforded by nearly anyone at $29.00 in SINGLE QUANTITIES so buy one and mess with it, make the first toaster with an IP address, 10baseT and a web interface (I did. though it was neat, then dismantled it because it was reallllly silly.)

http://www.siteplayer.com/ is the place to go.

If you cant buy the product in single quantities for a very reasonable price, then it's not worth messing with.

Re:These seem cool

[rtaylor]

Can't see why that would bother you. You encrypt everything between the desktop and the server room anyway right? Just like your wireless access?

I bet someone could generally walk in the frontdoor with a laptop and sit in the meeting room to accomplish the same thing without anbody saying anything.

Re:Forget about stealth Dreamcasts!

[Daytona955i]

It still needs to connect to your network which means a new light on your hub/switch/router. A regular portscan of your network ip address range would find this, then you can just pull the connection at the other end. I don't think the security concerns are as great as everyone seems to think. I think it would be cool to modify it to integrate a wireless card with it to allow a wider market. I for one don't really feel like running cables into my kitchen.
-Chris

Re:Great!

[ip_vjl]

Why would you need IPv6?

Are you planning on making your fridge world visible? If not, your appliances could all sit behind NAT and you'd still only need a single IP address for your entire house.

I wouldn't want to get home and find out I've been H4X0R3D and have a freezer full of rotten food, so I don't think I'd ever give them world visible addresses.

--

Not that IPv6 is a bad thing, but this probably wouldn't significantly grow the total number of world routable addresses much, as they'd be on private nets.

Re:I'm wondering

[Cyberdyne]

How about eatable RFID embedded in food, someone ?

I don't know about edible, but I do like this idea; for most fruit, you could embed the tag in the skin, for example. I'd actually really like to be able to get a list of stuff in the fridge, be warned when something's approaching the eat-by date...

Better still: some RFID tags have sensors in. A simple Perl script could track a shopping list for me, and either order replacements online or be synced to a PDA for shopping. Maybe even couple it with a Pricewatch-type site, so I know which supermarket would be cheapest for that particular list; work out what recipe I could make, or what I'd need to add.

Alternatively - if this device can do 300 Kbit/sec in this version, how about cable-modem/ADSL routers? Up the bandwidth a bit, it would handle the load OK; as it is, it could make a nice easy dialup router. $33 with a serial port - add a simple modem, and you have the ultimate plug+play ISP: one end in the phone socket, the other in the NIC, and it's all preconfigured!

Re:Question

[EnglishTim]

I think the idea is that people who produce things like TVs, Refrigerators, water heaters etc... could easily intergrate these things into their products for a minimal cost. So, you can have your iRefrigerator and plug a network cable in it, and it can now email you when it runs out of ice, or someone leaves the door open, or it needs de-icing. You could point your webserver at it and get a reading of the current temperature, how much ice it has etc...

You could put these things in drink kiosks so that they can email you when they're almost out of Dr. Pepper.

I can't see why you'd want one in a toaster, though...

In perspective..

[nolife]

Downside is that the serial interface to the controller tops out at 300 kbps, but for $33 (in 10K quantities) it's a cool, easy way to net-enable just about anything."

The size is a big factor but there are already full blown devices that can do far more then this and are cheaper. Take a look at some DSL/Cable routers. Siemens sells one that is a 10/100 4 port switch, web interface and control, printer port, firewall, etc... for $19 and $28. Many SMC barricades and Linksys models are going for under $40. These devices might not fit into a toaster but I know they could be made smaller. I know comparing these to the articles product is not apples to apples but there are cheaper and more robust web and network enabled devices already out on the street.

Re:Forget about stealth Dreamcasts!

[cgenman]

I don't know if noticing a new light will provide any protection... computers here are routinely plugged in and out depending upon agent and client needs, etc, and that portscan erancy might just be a new laptop that somebody plugged in. I would think what you need to do is moniter the traffic out of your network, and prevent anyone from forwarding sniffed packets across your firewall. They might be difficult to detect if the machine had built in ssh, a time-delay, and mimmocked normal traffic use (requesting /. at 10:00 AM, for example).

The best protection against this is that with the above mentioned precaution it is unnecessary. If someone can smuggle themselves into your building, install a piece of hardware onto your network, and smuggle themselves out, then back in and out again to remove the device, why not just install a keylogger onto the back of someone's keyboard and get admin priviledges?

Personally, I'm hoping this gets integrated into webcams. I would love to setup a camera out of the side window of my basement to know when the carpool has come, but really don't feel like putting a full server into that environment.

Re:Forget about stealth Dreamcasts!

[DickBreath]

It still needs to connect to your network which means a new light on your hub/switch/router.

You're right. This is a major drawback.

What we need is help from some hardware hackers. Surely someone skilled with electronics could build a, say, calculator sized board, duct taped to a square 6-volt lantern battery, that would have both the function of a hub and a packet sniffer using a small embedded microcontroller.

The way I propose building it, such a device would plug between an ethernet jack and a computer. It would install inline. (Although my proposed construction method is too bulky to be hidden inline, but the construction price is right. So it needs to go "inline" up in the suspended ceiling.

Since it is inline, it doesn't "take up" an ethernet port. It piggybacks on a legitimate device that is entitled to have a network connection.

A regular portscan of your network ip address range would find this, then you can just pull the connection at the other end.

Not true. Just because the thing listens on ethernet does not mean it needs to respond to portscans. Heck, it doesn't even have to have an IP address. It doesn't even need to have a MAC address!

Late at night, when the device the sniffer is piggybacked onto isn't doing anything, our sniffer could then use the same MAC address and IP address as the piggybacked device. Packets sent out from our sniffer could look to the LAN, switches, routers, etc. just like they had come from the piggybacked device. In fact, no reason we couldn't do this during the daytime. Our sniffer would watch for reply packets comming to our MAC and IP address to one of OUR port numbers, and just not relay those packets thru to the piggybacked device whose connection we're leaching from.

Okay, maybe this shouldn't have a "hub", but should really be an embedded computer with TWO ethernet ports. It's normal function is to "transparently" bridge all packets between the two so that it is invisible "inline".


I sure wish such an inline sniffer could be truly small so that it literally could go "inline" between two ethernet cables, connecting them together. But the price of such equipment isn't there yet for most of us.

Another problem that I touched on above is how to power such a device. I mentioned the possibility of battery power. This is fine if you don't want a permanent "bug" in someone's network.

Better is to somehow power it from utility power. A small AC adapter? A very tiny switching power supply on the sniffer's circuit board so that you just use aligator clips to hook into 110v power, such as in some light fixture in the suspended ceiling? (You still need battery backup for "lights off" hours.) Well, maybe just the insides of an AC adapter bolted to your board, with alligator clips for 110v power. Again, the price and ease of construction is right for those of us without NSA style budgets.

I wish I could buy some of the NSA's packet sniffers from ThinkGeek.


Another problem is how does the device communicate to its master? IRC is one possibility. Instant messaging? P2P? What about a P2P that is bandwidth friendly like OpenNap? The device connects to a server, offers several bizzarre files to upload. When one of those files is uploaded, that triggers it to search for and then "download" a file of new commands or firmware. When a different file is requested for upload, the sniffer yields up its booty. Besides IRC or OpenNap, the device could pretend to visit certian web sites. Various URL's of the web site would secretly communicate "bits" of steganographic information. For instance, it visits my "slash" site. It checks the last 64 comments. Which of the 64 comments it checks, communicates a 6-bit value to the web server. Of course, once such a device is discovered, the web server might be implicated. Another possibility is to e-mail various yahoo or hotmail accounts with encrypted infor