NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
How To Get Daily Usage from ORBI with API/REST?
I want to get daily internet usage (I'd like by device but I'd take total) of interent connection. I use comcast and they cap and I need to track without having to login.
It is the "without login" that makes this difficult. There is a web page that displays the current usage: htp://<ip of orbi router>/show_traffic.htm
You could put a bookmark on a web browser. If the web browser has stored the Orbi credentials, the screen will pop up. People who enjoy programming can whip up a task that does the http, scrapes the values off the page, then "does something " with them.
If someone has discovered API's for the Orbi, please share because I have never heard any mention of it.
How can I login with a shell sript? I try ssh to my IP of the router and the ssh port rejected me. Also, I see these URL's
http://172.16.0.1/RST_statistic.htm
http://172.16.0.1/show_traffic.htm
Are there others? I'm hoping to find traffic for at each of at least the last 30 days.
Orbi does Telnet, not ssh.
I just tried telnet to 172.16.0.1 (same as my public stats) on port 23 and got connection refused.
- You want to Telnet from OUTSIDE? I always use the Orbi internal LAN IP. On my cae 193.168.1.2
always inside. This works: http://172.16.0.1/RST_statistic.htm so I assume that is my IP that I want to telnet to.
- Oh, my. I would not be happy to think that my Orbi accepts Telnet from the internet side. I will definitely check when I get home tomorrow (traveling today) I thout it strange that they do http: and Telnet rather than https and ssh, but justified it because a device has to be 'inside' in the first place.
This is definitly not meant to be an enterprise device, though it is a little scary if the wifi exposes telnet and https through unencrypted transmissions that include my router password. My downstairs neighbor works for google and I guess it's good he's an honest guy.
I just realized that I'm writing a chrome extension that uses basic auth connect to the public url on the local side of the router at http://172.16.0.1/show_traffic.htm. I tried https and it said there is an invalid cert there so it does me no good as I don't want to load that into everyone's browsers.
So, I'm issuing myself a "stop work" order because if I continue and publish this, I'm basically inviting anyone with an Orbi router who connects to it over wifi to expose there router's password to the admin control panel over wifi.
Come to think of it, NetGear has already done that by exposing the admin control panel over wifi and http.
Is my thinking flawed here? Should I be reporting to the world that NetGear's routers have a horrible security flaw in them?
- Wifi transmission is encrypted. I used to see articles about how WiFi could be cracked by capturing so many gigabytes of traffic (or something. Poor memory)
That is why Netgear feels less pressure on the LAN side. The evil doer has to be either (1) wired, or (2) connected to the WiFi with the password Hmm. Interesting thoughts.
What happens if I'm at starbucks connected to their wifi. I try to login in to my 172... ip address (even though of course there is no orbi there because I'm not at home). Will I generate traffic that someone with a network scanner would see who is connected to the local starbucks wifi?
That would be my case if I deploy this chrome extension I'm almost done with. That is, it will try to connect to 172... even when at starbucks (it does not know I'm not at home)
- If you program it with the internal IP address, it won't work anywhere but at home. I am not certain that it would work from Starbucks.
How about setting up a Hotspot on your cell phone to test? That is what I did to test OPENVPN on the Orbi. I'm confident that netgear wouldn't route traffic from the outside to port 172... but what I'm worried about is if my laptop connected to starbucks wifi attempted to connect to 172.. that it would broadcast my username and password of my home router. does that make sense?
- I would have to see a Wireshark capture. Seems to me that there would be a connect request before Orbi asks for user name and password. If Orbi does not accept the connection, maybe no credentials are ever passed. Yet another use for the Hotspot!
Hopefully, my google extension will be out in a couple days.
Concerning security of the external link. I set up my cell phone Hot Spot, connected a laptop to it, and attempted to reach my Orbi:
- Telnet failed to connect to the public IP.
- HTTP and HTTPS failed to connect to the public IP.
- I enabled Remote Administration, which uses an https connection to mynetgear.com, and was able to connect.
(although, of course, it warned about the Orbi certificate being invalid - so sad)
My conclusion is that login credentials are not likely to be passed "in the clear" because your Chrome extension will not get connected to the Orbi public IP.