Using Wireshark and MITM to explore a STB

I’ve recently bought a new Freeview HD box from 3view. It has a whole host of features and can be considered a “connected” device. As with most high-end set-top-boxes (STB) it pulls software firmware updates from the web, and I was interested to see where it went to get these updates & how it knew they were available.

I know about using tools to sniff network traffic, but have only done this to sniff traffic coming directly out of the PC I’m running the capture software on. Buying this 3view box gave me more of an inventive to expand my knowledge & figure out how to capture the traffic from other devices.

It was actually relatively easy. I decided to do a Machine in the Middle (MITM) ‘attack’ which was documented over at the Wireshark wiki.

In my case I didn’t have 2 network cards, but did have a laptop with one network card, and a wireless card. In Windows XP I bridged the NIC to the Wireless adapter, then plugged in a cross-over cable that linked the 3view box to my laptop. Then, after a bit of messing about with IP addresses it started working.. my 3view box was accessing my wireless router via my laptop.

Now that all the traffic from the 3view box was going via my laptop, all I then needed to do was fire up Wireshark & take a look at the packets.

Intercepting the traffic allowed me to see where the box was going for it’s updates, and the User Agent. That’s been documented over at the 3viewer community website I set up for 3view owners.

http://3viewer.elementfx.com/

Advertisements

3view Community Website – Forums and News

Last week I put in my order for a new Freeview HD box from 3view.. the box is due to be shipped on the 27th May 2010. Apart from the official 3view Facebook group, there were no forums or news sites to speak of, so I’ve set up a site called 3viewer which is hosted on some free space with x10hosting.

http://3viewer.elementfx.com/

Site performance isn’t going to blow anyone away (it seems especially poor when the US is awake), but it’s got full PHP support, MySQL databases and everything I needed to set up Joomla and phpBB. Other free hosting (such as Zymic) runs into problems with Joomla extensions because it doesn’t support unzipping of files, which is a bit rubbish.

If you’re in the market for a new Freeview HD box then check out the coverage of the 3view box over at 3viewer.. it looks as though it’ll be a decent box with some interesting Internet-connected features. I’ll be posting independent reviews and videos as time permits.

3view Q&A – Freeview HD

This year Freeview goes HD.. but as yet there isn’t any hardware available to consumers. I’ve been keeping my eye on 2 boxes, the Humax DVB-T2 HD and one by a new British company called 3view.

3view has peeked my interest because of some of the more innovative features they’re including, like the support for VOD, apps (e.g. Facebook), and web-browser that allows you to view sites like Channel 4’s 4oD.

There’s a feature list on their site, but I also emailed them to clarify a few things. What I asked may be of interest to others, so here’s what they said;


Q: Now that the BBC intends to restrict the EPG data, is that something that won’t be available on the 3view box?

A: We are currently in discussions with BBC about this. There shouldn’t be any problems and the EPG data will be available on the 3view box.


Q: Is the box able to play back DivX/Xvid?

A: DivX5 or higher – no problem but the older version codec hasn’t been tested. We have tested Xvid and that’s fine too.


Q: With the H264 support, I’m assuming these can be in an MKV container? Will it play back 1080p video without a problem? And how about support for pass-through on DTS soundtracks? Oh, and embedded subtitles?

A: There won’t be any problems with playing back 1080p videos. Embedded subtitles tracks will not work in the current version, once recorded. We may add that in the future.


Q: Is there any way for users to customise the software on the box? I love the Topfield TF5800 because you can add user-written apps to plug gaps in functionality and generally make the box so much better.

A: Not yet- once we have a solid code base we may allow some customer tinkering – but not from launch, as bug tracking will become too complex for a V1.0.


Q: Is the remote control IR, or Wireless?

A: It is IR – BUT we have zwave installed and may offer zwave remotes in the future for extra web interoperability


Q: Are you able to record 2 programs, and watch 1 other (as long as it’s on the same multiplex as one of the recorded programs)?

A: Not at the moment – it’s record one and watch one. We will be adding that in a future upgrade.


Q: Do you think the box will be firmware upgradable to include support for the BBC’s Canvas project when that starts to get finalised & implemented?

A: We anticipate a YES but we cannot be sure as it is not a reality yet.