krash867
New Around Here
I am a longtime Merlin user and have lurked the board for what seems like ages. I've never had to post before because like every tech savvy guru, I know that my problems are not unique. Someone... at least one person has had the same issue as I, and most likely there are multiple solutions available. This is not a unique situation either. About six months ago I purchased my first smart home devices, two Philips Wiz Light Bulbs. Not counting the original Google Home purchased on launch day, and two outdoor Nest cams.
I recently started trying to monitor and be aware of what all the devices in the house have been doing. This month I was surprised to see the amount of data that these light bulbs have been transmitting/uploading. I am not sure exactly what they are sending, I am hoping for some help as to how to figure that out. For now though I leave you with the screenshots of the Traffic Analyzer tab for each bulb.
I would like any pointers or help with trying to figure out exactly what these bulbs are doing. I am sure that they are not really browsing CNN or watching TikTok. Highly unlikely.
What are some methods to capture the traffic from the bulbs and analyze it?
I did notice that each bulb only connects to one IP address and there are no dns queries in my logs. (logging may not have been implemented at the time the bulbs were being wonky)
I can only assume that they are infected with some sort of malware or are being used in a bot network.
Thank you all in advance.
I recently started trying to monitor and be aware of what all the devices in the house have been doing. This month I was surprised to see the amount of data that these light bulbs have been transmitting/uploading. I am not sure exactly what they are sending, I am hoping for some help as to how to figure that out. For now though I leave you with the screenshots of the Traffic Analyzer tab for each bulb.
I would like any pointers or help with trying to figure out exactly what these bulbs are doing. I am sure that they are not really browsing CNN or watching TikTok. Highly unlikely.
What are some methods to capture the traffic from the bulbs and analyze it?
I did notice that each bulb only connects to one IP address and there are no dns queries in my logs. (logging may not have been implemented at the time the bulbs were being wonky)
I can only assume that they are infected with some sort of malware or are being used in a bot network.
Thank you all in advance.