Posts

Showing posts from December, 2015

Honeywell RTH9580WF Thermostat - Waiting for Update Deep Dive

Image
I'm still having issues with the Honeywell wifi thermostat (RTH9580WF) displaying "waiting for update" on when the wifi is routed through my proxy server, so I decided to do a deep dive into what the thermostat is doing when it's getting the weather updates.

I also wanted to better understand how to trace traffic on my network.

Here's what I learned about the thermostats weather updates system by tracing the communication between the thermostat and servers. Currently:
Thermostat requests the current weather and 12 hour forecast from a server: http://104.209.185.251. This server appears to run code managed by Honeywell in Microsoft's Azure cloud.Every 15 minutes it makes two port 80 GET requests to the IP address:http://104.209.185.251/WeatherAPIProd/api/weather/current?appKey=b9db7a3d469892e8&language=en-us&locationKey=36691_PC (return current weather for location)http://104.209.185.251//WeatherAPIProd/api/weather/forecasts/hourly/12hour?appKey=b9db7a3…

Update Arpwatch ethercodes.dat file from IEEE source

I was noticing that many of the Arpwatch notification messages coming back were marked "unknown" for the manufacturer name in the MAC address lookup. I looked at the date of the file in my Ubuntu file system and it was last updated in 2012. Arpwatch uses this file to determine the manufacturer name for a given MAC address prefix.

I found a script at this blog post which looked quite promising. A few simple transformations of the file downloaded direct from IEEE, updates from the comments on the blogpost and it was ready to go. I added in the lines to copy the files to the correct locations in Ubuntu's implementation of Arpwatch.

Here is the updated script:

Here are the basic steps and commands to do it on a terminal session.

1.Create the script using nano (copy and paste the script above) into a file called update_mac_addresses and then run it.
nano ~/update_mac_addresses.sh
2. Make it executable
chmod +x ~/update_mac_addresses.sh
3. Execute the script. Sudo is only need…