Some links with notes on WoonVeilig/Egardia security system communications, protocols and support by 3rd party home automation apps
Posted by jpluimers on 2021/03/23
Security issues for older models (mainly GATE01 and WV-1716 systems; which used a lot of Climax components):
- [WayBack] Woonveilig Alarmpanel – Domoticz
- [WayBack] Woonveilig Alarm System – Older models (WV-1716 & GATE01) – Share your Projects! – Home Assistant Community
- [WayBack] Eins, zwei, drei, vier, drin | c’t | Heise Magazine
A more recent security review:
- a privacy label for IoT products in a consumer market
- [WayBack] Diermen_R_van_2018_CS.pdf
- [WayBack] The Internet of Things: a privacy label for IoT products in a consumer market
- [WayBack] The Internet of Things: a privacy label for IoT products in a consumer market – Cyber Security Academy
This thesis is about the design of an IoT privacy label and the methodologies to collect the necessary information to populate the privacy label for an IoT product and its entire ecosystem. The privacy risks of IoT ecosystems are determined by testing all components in the ecosystem for vulnerabilities. These vulnerabilities can be found by security scans, penetration tests and audits, and quantified by using the Common Vulnerability Scoring System (CSS). The level of the privacy risk can be determined and expressed by combining the sensitivity of the personal information being processed and the vulnerabilities in the IoT ecosystem. A conceptual six-layer IoT service model has been developed to better understand the architecture of the IoT product and to structurally test all components. Three case studies were performed in this research to assess and improve the methodologies and design of the privacy label.
Key words: IoT ecosystem, privacy risk matrix, privacy label, IoT security testing
Physical security is important too; ensure the system is in an enclosed closet, powered by a UPS and your communication lines are secured as well: [WayBack] Manipulationen an Alarmanlagen verhindern – Smarthomewiki
Dutch links on the hardware connections and protocols used:
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling: projecten
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling: Woonveilig systeem project 1 (adding classic reedcontacts to your Egardia door/window sensor)
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling:
- gate01.alt.egardia.com
- ics.egardia.com
- http://www.woonveilig.nl
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling: Woonveilig alarmsysteem lokale toegang
- [WayBack] WWW.BRULE.NL – Hard- en software ontwikkeling: Woonveilig alarmsysteem gekoppeld aan Raspberry Pi
More recent information:
- [WayBack] Egardia – Home Assistant: Instructions on how to setup Egardia / Woonveilig within Home Assistant.
- [WayBack] GitHub – jeroenterheerdt/python-egardia: Python library to interface with Egardia / Woonveilig alarm
API usage:
- [WayBack] Announcement: mozaiq expands Egardia alarm system • mozaiq
- [WayBack] Woonveilig / Eguardia support – Ideas & Suggestions – Homey Community Forum
- [WayBack] WoonVeilig App | Case Study | The Mobile Company
More subdomains (in 2019) via:
- [WayBack] How to find Subdomains of a Domain in Minutes?
- woonveilig.nl
- pentest-tools.com/information-gathering/find-subdomains-of-domain
- woonveilig.nl
- htbridge.com: SSL Security Test of woonveilig.nl
- alarmsysteem.woonveilig.nl
- woonveilig.nl
- cms.woonveilig.nl
- http://www.woonveilig.nl
- mijn.woonveilig.nl
- dnsdumpster.com: [WayBack] woonveilig.nl-201903251445.xlsx
-
alarmsysteem.woonveilig.nl mijn.woonveilig.nl srv01.woonveilig.nl http://www.woonveilig.nl
-
- pentest-tools.com/information-gathering/find-subdomains-of-domain
- egardia.com
- pentest-tools.com/information-gathering/find-subdomains-of-domain
- my.egardia.com
- egardia.com
- cms.egardia.com
- mobile.egardia.com
- http://www.egardia.com
- ftp.egardia.com
- localhost.egardia.com
- mail.egardia.com
- htbridge.com: SSL Security Test of egardia.com
- cam05.dev03.egardia.com
- dev03.egardia.com
- egardia.com
- http://www.egardia.com
- my.egardia.com
- rt.egardia.com
- dnsdumpster.com: [WayBack] egardia.com-201903251438.xlsx
-
dev03.egardia.com stream01.dev03.egardia.com cam05.dev03.egardia.com app01.egardia.com app02.egardia.com cpe01.egardia.com cpe02.egardia.com ftp01.egardia.com ftp02.egardia.com galera01.egardia.com galera02.egardia.com galera03.egardia.com lb01.egardia.com lb02.egardia.com mailout.egardia.com my.egardia.com nfs01.egardia.com nuance01.egardia.com sip01.egardia.com sql01.egardia.com sql02.egardia.com rt.egardia.com srv01.egardia.com http://www.egardia.com stream01.egardia.com stream02.egardia.com
-
- pentest-tools.com/information-gathering/find-subdomains-of-domain
- woonveilig.nl
–jeroen
woonveilig.nl [WayBack] dnsdumpster.com/static/map/woonveilig.nl.png
egardia.com: [WayBack] dnsdumpster.com/static/map/egardia.com.png
The Wiert Corner - irregular stream of stuff 
Leave a comment