Trying to create an action on Google that communicates with devices in my local network.
So my question is, is that even possible, to perform an operation directly through google home, without a need to have a webhook in a server somewhere??
and if so, and i will need to have a webhook, what is the best way to make the webhook communicate with my phone, other than push notifications.
If you want to control anything on your home network then you will have to run the fulfillment server in your house or let an external fulfillment server connect to something in your house. Either way you will need to poke a hole on your home firewall or use something like ngrok or bst proxy.
Then you will be in your home network and you can do your things on your local devices.
You should be more specific about the communication with your phone. What exactly are you trying to accomplish?
Related
This has taken me about a year to understand and get to, but I am the limit of my capability so reaching out to a StackOverflow guru please...
I would like to, if possible, secure my network model. The model is as shown in the diagram. To explain:-
All the aspects I have control of, is within the green shaded area. I cannot change anything outside this.
I run a simple application web server which is the VPN IPsec/L2tpd client. Static IP.
My router is ISP provided. It receives a DHCP Dynamic IP from the ISP.
My Digital Ocean Virtual Private Server has a static IP. It runs an NGINX reverse proxy that channels traffic through the VPN tunnel. It also runs the IPsec/L2tpd server.
A IPsec/L2TPD VPN tunnel is established and working.
A working VPN tunnel.
A cellphone that runs an app that communicates with my application server app. My cellphone receives a dynamic IP from my Network Operator.
I have three IP camera feeds served by my application server. Not a great speed but watchable in real-time.
I cannot change my ISP, or bandwidth/download/upload speed.
I cannot install VPN clients on the cellphone and I may want to access my app server through another cellphone provided by work so cannot install apps on it but does have unfettered web access through a browser.
Everything is now working, can't believe I've done it !
Anyway, my question is:-
Is there any way to secure the network so that only traffic from my mobile reaches - or rather is accepted - by my application server.
I accept IPsec/L2tpd is not great, but it is fast and I use this because I have tried OpenVPN, SoftEther and key based OpenSwan. These are waaaay to slow. The camera feeds are unwatchable and update one frame about every 5 seconds.
So with the limitations above, what can I do, what is possible? Please may I respectfully ask that you refrain from suggestions and concerns requiring a change to that which I cannot control, i accept all critique but that is not what I need here. I am asking for advice on how to secure , that which I can influence. Thank you
I cannot install VPN clients on the cellphone and I may want to access
my app server through another cellphone provided by work so cannot
install apps on it but does have unfettered web access through a
browser.
Due to the limitation that at the end, even a phone where you are not allowed to change anything but use the web, i suggest to configure proxy authentication on the nginx reverse proxy. I don't have experience with setting this up with nginx in particular but that's what should do the trick according to the network architecture and description you provided.
An example configuration on how to configure nginx for basic / client certificate auth can be found at: https://www.cloudsavvyit.com/1355/how-to-setup-basic-http-authentication-on-nginx/
I've build a Web-App that is displayed in an Electron-App with Nativefier. That already works great, but now i need to send requests from the website to the local network to talk with some local devices which are (with it's ip-address) configured in the Web-App.
I had the idea to use the Electron-App as a "proxy" to the local network by using a javascript callback from the Website to the Electron-App (don't know if this is possible, just an idea), which then makes the local request because it's running on a computer in the same network.
The reason for this post is that i need ideas/tips to secure this and prevent allowing to talk to other than the desired Web-App (available under a certain domain) by developing something protective like checking or validating the Server, validating the request by sending it's hash back to the server or other methods.
So my questions are: is it generally a good idea to do something like this or is this a huge security problem and have anyone any tips to secure the communication and only allowing the communication to in the web-app configured devices in the local network?
Building my own authentification system at the moment and stumbled upon one idea:
How do schools/universities etc can restrict pages to only be accessible while being on the School's Wifi? What's the technique behind it? Basically: How can I make some pages only accessible while being on a specific WiFi?
Thanks! :)
They build their own network using own server which is not public facing which means it is not accessible through internet.
To access that network, you need to be connected to their server directly or using VPN(virtual private network).
If you want to make some pages only accessible while being on specific wifi(router). You need to create one of your computers as server and create a local network and other machines can join your network using password you will provide them. Other machines which will be clients have to be connected to same wifi
They usually run on a server on the network behind a firewall so inaccessible from outside. I've built a few intranets for companies like this.
Clint.
Log-in to your router admin page and look for URL filters in setup options. Now, add the pages/sites you want to block.
I was looking at the code here from xamarin training here and as I'm going through the code (for my own educational purposes), I noticed this line (line 42)
public async virtual Task Sync()
{
var connected = await Plugin.Connectivity.CrossConnectivity.Current.IsReachable("google.com");
if (connected == false)
return;
I could be wrong..but to me, it looks like the only purpose of it to test connectivity. Is there a better way to do this than hard-code google.com just to see if there is a connection? Is there a flag somewhere that one can test for that? What if google is down (ignore the tear in space-time continuum)?
If you are testing connectivity so that you can test that your Azure Mobile App is up, replace google.com with the URL of the service. It seems that is really want you want to be testing.
It's not uncommon. For instance, iOS and Mac will make a connection to http://www.apple.com/library/test/success.html or http://captive.apple.com/hotspot-detect.html or some other URL on behalf of the user when joining a Wi-Fi network to see if the network has Internet connectivity and also to detect captive portals. Microsoft and Android devices do something similar, just with a different known URL.
It's probably best to try and connect to a service you control, since in general if your app is useless if it can't make a connection to yourapp.com, it's best to make sure you can connect to yourapp.com.
Doing the test to see if google.com is available is a reasonable fallback to see if the device has 'connectivity', though.
I have a security question about games and network.
Today most games (like Call of Duty) uses a 'on client side host' server system. So for some time, one client becomes the host of the game. I'm looking for some resources on how to do this properly (in a technical and safe way) because I'm working on a project like that.
But for now the only solution I found is to share the IP address of my host clients to other guest clients. And I'm not proud of this. So I am looking for a method or technology like IP masking or another stuff like that would protect my customers from other malicious customers that could retrieve IP of my customers and maybe hack them?
EDIT:
But what I'm asking is if there is any solution like services like on the fly subdomains redirections with parameters for connecting to specific clients or anything like that? I mean
subdomain.mygame.com/clientname
If you want true peer-to-peer connections in your game there is no way around sharing the IP address. After all if they are to talk with one another then they need to know how to reach the others.
Alternatively you can route all their traffic through your server and each client connects to it independently. That way they do not have to know any information about each other except your in-game user id.