Envisadroid updated, looking for dev test systems

[tylerthetiger]

webhiker,
How is development going for vista? I'm getting ready to purchase an EVL-3 to use with my Vista20p. Once I have it set up I could give you temporary access and/or provide you with packet captures or whatever else would help you with developing an app.

I've gotta say when I saw "Works with Android" logo plastered over the EVL-3 marketing I assumed that meant they had an Android app developed for it, not that they had a web interface.

[webhiker]

Hi Tyler,

The latest version now supports a TPI mode and non-TPI mode, so as long as your panel supports the Quick API you get some of the app functionality.

Some things are not enabled, like setting date/time, toggling chime etc.

If anyone knows of any Quick API functionality I've not implemented, post it here and I'll add it in.

As soon as Envisalink supports your panel via the API you can switch modes and get full access to all the functionality.

regards
wh

[767pilot]

OK, I'm lost. I really don't know what you are after when you ask for the envisalink host name. Is it the IP address, mac address, the link that I got from envisalink? I can't get this thing to log on no matter what I do. Judging from the comments on the google play store I am not the only one.
Thanks

(using DSC with TPI)

[ejosterberg]

PM me with your email address and I'll add you to the developer email list. Just give me a run-down on what your project is. I don't really watch this forum so if you have an questions related to the TPI it is best to email me directly.
Kieran

Please add me to the developers list as well. I tried the contact us page and was met with a broken link.
Not Found
The requested URL /cgi-bin/sendecomments.pl was not found on this server.

I have an application that takes the IT-100 serial interface events and converts them into REST events or calls to support home automation with an Insteon ISY99 controller. I'm moding my app to use your device instead. Basically done yesterday.

[haizman]

Like 767pilot, I too was confused as to what settings are used. I got it working once I figured out the app wants to connect straight to your module (not via the Envisalink servers) -

Mode - I have a DSC 1832 panel so I selected "TPI".

Envisalink Hostname - This is the name of my free Dynamic DNS name (i.e. myhomeserver.dyndns.com) that resolves to my cable modem's DHCP IP address. Most home routers have a setting where you plug that in. If your ISP gives you a static IP you could plug that in instead.

Port - 4025. I created a port forwarding rule in my router to accept port 4025 and forward to the Envisalink 3 module's IP address. You can specify a static IP for the module in it's config webpage (i.e. 192.168.1.105). So my router rule translates myhomeserver.dyndns.com:4025 > 192.168.1.105:4025.

Envisalink username - "user"

Envisalink password - "user" (unless you've changed it to something more secure)

Alarm Passcode - I used my Master code that I use to arm, disarm, change the date (*6 stuff), etc...I'm not sure if the installer code works (5555).

I hope this clears up some of the ambiguity for the setup of this app.

[soda97]

Is there a similar app for iOS?

[Tambourineman]

I see a lot of references that the port for the envislink 3 is 4025. When does one find this to confirm that's what it is on my router? (I want to forward that port to DYNDNS.)

Also, I also cannot figure out how to login on EvisaDroid. I see same comment in the PlayStore comments. I have it set to auto-connect when the app starts. when I press most icons, nothing happens. When some cons are pressed it says logged out or not logged in. How does one login?

[mikep]

I hope I'm not too far out of line here, but I would strongly recommend NOT port forwarding 4025. This is an unprotected port - it has no encryption and no protection from a dictionary attack. If you access your system from a public wifi your password and security PIN would be in the clear for anyone sniffing packets to see. Hackers will find these ports to run automated programs to determine your password and security PIN.

You'd be much safer if you setup an SSH bridge to encrypt communication between your system and the envisalink when you're outside of your network.

Mike

[Tambourineman]

mikep, you're definitely not out of line. I appreciate the input. Now I'll just have to ask my kids (who are software engineers) how to use an SSH bridge with the Envisaalink program

As for unprotected ports, I thought hackers tried all ports. I use LastPass to generate strong passwords - besides wouldn't all they could do is to get into my alarm system? I suppose if they changed my DSC master code it would mean I would have to get a new panel - not the end of the world.

[mikep]

That's very true, hackers are constantly looking for open ports. Better to use certificate protection if you can rather than passwords. You'll see if you open up port 22 you'll get probed (ooh!) from around the world constantly - usually with lame dictionary attacks but it's not hard to imagine something more sophisticated especially on known ports.

Good passwords do help as do lockouts of IPs for too many attempts. The envisalink as an internal card provides neither (the TPI only allows 6 characters and unlimited attempts), and of course a PIN can be even easier - pretty easy to leave an app sitting there trying everything against your system. I have a bad dream of my password/pin and home/away status available for sale on a black market hacker site... It is however very secure outgoing to the eyezon service so not to worry there.

I've got some write-ups for SSH bridging:
http://sites.google.com/site/mppsuite/f ... connectbot for the phone (client) side, and http://sites.google.com/site/mppsuite/f ... figuration.

Mike