Wednesday, August 16, 2006

Network General Sniffer

Manufacturer: Network General
Model: Distributed Sniffer System Server
CPU: Pentium MMX, 233MHz
RAM: 64MB
HDD: 2GB
Release Date: Late 1997

Shown here under my RS/6000 Model 250

Network General merged with McAfee in 1997 and became known as Network Associates (Briefly called NAI). In 2004, a re-org split things back up again, the McAfee name re-appeared, and several product lines were sold, spun-off, or discontinued. As a result, Network General is its own entity, once again focused on the Sniffer product line.

I acquired this machine in 1999 at a surplus auction. The Distributed Sniffer System was a unique solution to the problem of monitoring traffic in the enterprise. Prior to this, a netadmin needed to haul a specialized network monitoring system to various network closets in order to monitor traffic on that network segment. This was often a powerful laptop (for the era) with special protocol analysis software (affectionately known as a "network sniffer"). Network General had a solution for this problem that involved placing a sniffer node on each network segment, then providing a way for the netadmins to gather data from all of the segments at once. They called this the Distributed Sniffer System.

As far as hardware goes, there wasn't too much that made this machine unique among its desktop peers. It wasn't even built in a rack-mountable case. It was, for all intents and purposes, a run-of-the-mill desktop PC with a few extra expansion cards to try to cover all the different network types that might be encountered at the time (10/100 twisted-pair ethernet, AUI, and coaxial) as well as having two PCMCIA ports via a generic 16-bit ISA card. It was then loaded with NG's proprietary software.

Alone, this sniffer machine isn't capable of much. One also needs to have the software to gather the data from all the nodes. I didn't have it. Since this was just a pretty normal PC, I had other plans for it! I installed Red Hat Linux (now basically known as Fedora), vgetty, and Penguin Power, an X10 home automation program that runs on Linux.

Penguin Power is made to interface with the 16-Channel X10/SmartHome CM11A computer control interface. This is a simple white box that plugs into the wall, and then into your computer via serial cable. It allows your computer to not only send X10 commands to home automation devices (light switches, appliances, motorized curtains, sprinkler systems, garage doors, you name it), but it can also recieve X10 commands from an X10 remote and act on them. You could make a macro that, with the touch of a button, shuts off every light in the house. You could launch commands to make your computer play music or adjust the volume. Paired with cron, a program scheduler that's standard with almost any UNIX-like OS, one could easily schedule the sprinkler system, coffee maker, or outdoor lights as well.

On top of appliance, light switch, alarm system and accessory modules to attach to your household electricals, X10 sells several sensors that act like single-channel remote controls on the X10 network. Motion sensors, door or window sensors, light sensors and others can send a signal to your X10 system. This can be an X10 emergency alarm telephone dialer, a chime or loud klaxon, or it could simply turn on a light (a motion sensor could automatically turn on the closet light or your driveway flood lights for example). Similarly, you could have PenguinPower run a set of commands to log the sensor activation, sound an alarm, flash all of the house lights on and off, or any other action you can think of.

With a 16 channel remote, 2 serial ports and 2 CM11A's on different home codes, you could theoretically mix and match 32 channels between devices and remote control macros for a really powerful home automation configuration.

I also paired this setup with a voice-capable modem and the vgetty package for Linux. Vgetty is a daemon that can answer voice-capable modems, turning your properly-equipped Linux box into a multi-mailbox answering machine. On top of that, though, vgetty offers a powerful DTMF (touch tone) recognition system which allows vgetty to run commands based on what phone buttons you press. I configured it to require a passcode before accepting commands, and then I gave each controlled device in my house a 2-digit number.

If someone calls and no one answers our phone after 6 rings, vgetty answers like a normal answering machine. If the passcode is dialed during the greeting message, the greeting stops and I'm free to enter commands. The commands I chose were the 2-digit device number followed by a 0, 1, 7, or 9. 0 sends an "off" signal to the device, 1 sends "on", 7 sends "dim" and 9 sends "bright". Thus, on my way home from work, I can set the mood in the kitchen, put some music on, or kick on a pot of coffee. I could also close the garage door from anywhere I could get a cell phone signal if I forgot to do it in my haste to get to work.

Once all's said and done, this wasn't exactly a cheap project. All the X10/SmartHome hardware was kind of expensive but well worth it in Geek factor. The voice capable modem set me back $120 back in 1999 but I'm sure you could find a cheaper one now. You could duplicate it on any old, slow PC. It doesn't even need a keyboard, monitor or mouse once you're done setting it up. Maybe someone wants to try a similar setup on a Soekris appliance (486 CPU in a modern network appliance shell) and tell us about it. That would seriously rock! Consult the vgetty documentation for details.

No comments: