by Aurelian Shuttleworth.
When Fing describes the Fingbox device by saying it will “Add superpowers to your home network”, they are not wrong. This little unassuming IoT device certainly demonstrates that any sufficiently advanced piece of technology is indistinguishable from magic.
I am a somewhat of a networking and computing aficionado that has constantly been building up my home networking lab but one piece I have not been able to fill is a Unified Threat Management (UTM) solution, I have tried everything from Sophos to DIY Linux servers running various open-source tools, set up to scan my network. These solutions have “worked”, but in the long run, none of them have either had all the features I need or are close to ‘stable’, hence needing constant maintenance.
I now have finally found a tool to fill that gap in my network after testing Domotz and Fings new joint venture, the Fingbox.
Fingbox is what I would describe as the child of an ethical hackers toolbox and a Smart Home Appliance. When Fing describes this device as a Network troubleshooting and Security Appliance, this doesn’t really tell you what it really is. The easiest way to explain what the Fingbox does is to compare it to an auditor. An auditor’s job is not to come in and change the way you do business or to get rid of corrupt accountants.
What an auditor does is to act as a non-partisan agent that inspects your environment using methods you can’t, providing their findings by listing all the inefficient, unsafe and destructive events happening around you. They inform you that Bob is secretly stealing your money and provide you with all the information to do something about it, but it is still up to you if you want to do something about Bob.
This is exactly how the Fingbox works, plus more. It is your agent, providing completely independent incorruptible tracking about what is happening in and around your environment, be it your home or office.
- Track who is home
- Precision control of users’ internet access
- Zero Setup
- No programs needing to be installed to monitor users
- Detecting network intrusion
- Wi-Fi Coverage testing
- Monitor devices bandwidth usage
- Remotely turning on your computer
Fingbox is a small UTM agent that connects independent of anything other than an internet connection. Being independent it is able to passively gather and report on your network with zero specialised skills for installation other than how to connect a network cable.
The FingBox is best described in two parts:
A Passive Agent and a stripped down Threat Mitigation tool. It is able to passively inspect any activity on your network using a combination of ethical hacker tricks such as packet inspection and Wi-Fi scanner that it then compares with a large knowledge base to truly understand what is happening on your network without any sort of large expensive enterprise gear.
As for the active abilities of the Fingbox, this is where it gets truly interesting since it is able to pull off tricks such as blocking attackers or just people using too much bandwidth from being able to access any network resources. It does this by using an arp poisoning method to redirect traffic intended for the blocked device into the Fingbox instead, this is something no other product under R20K is able to do with so little effort.
- Tracking of employees time in office
- Entry level UTM functions
- Man in the middle Detection
- UPNP and Nat forwarding auditing
- Network Device Auditing
- Auditing Wireless devices
- Historical records of devices per MAC
- Advanced tools aren’t available remotely
- For UTM functions the device must be on L2 network
- Device is cloud-based reliant
Enterprise users should migrate to Domotz but can use Fingbox as a great way to test if it is right for you, see https://help.fing.io/knowledge-base/fingbox-vs-domotz-pro/ and ‘What is Domotz’
- Relies on cloud
- The device has no option for hosting the control software your own so with that, you have to trust Fing not to make changes that negatively affect you or to go out of business
- Uses Packet inspection to measure bandwidth
- Surprisingly accurate
- Can monitor usage accurately for any device on the same L2 network
- Fantastic feature for home users to track the internet speed provided by their ISP
- Test done on the average show 10% less speed than actual
- Automated testing for consistent health checks and historical data in the event your ISP disagrees with you
- This feature creates a connection using an Iperf like service and directly tests the bandwidth between your mobile device and Fingbox allowing the user to see the true performance of their access point
- Makes testing access point location performance a breeze since test results are stored
- Shows download performance in Mbs and for less technical users show streaming performance for the test
- Sadly does not show upload speed
- Allows you to verify the often false claims Wi-Fi access point producers claim
- Does not accurately track devices other than the one the app is stored on
- Fing currently rates my Home server as having average Wi-Fi signal despite it being directly connected via cable
- Works alongside the device tracker
- Once a user is assigned to a device Fing begins tracking them
- Generates a historical record
- Alerts for when someone comes and goes
- This is a very interesting feature since it is able to detect devices not connected to the network
- Fingbox passively scans for Wi-Fi packets being sent nearby to detect any nearby devices
- Is able to track device Mac address and access point Address
- Not able to track devices not connected to a Wi-Fi network
- Displays warnings without needing to open the app
- Port Forward Detection
- Fing constantly monitors for any active traffic forwarding in or out of your network to help detect malicious software on your network.
- Evil Twin attack detection
- Fing actively scans for attackers trying to force your devices to connect to their network where they can steal data
In conclusion the Fingbox is a fantastic addition for both home networks and small office network due to what it delivers at its price bracket, but users must keep in mind this is a network security device that is linked to the cloud as an Internet of things device.
Those interested in becoming a reseller or agent can email firstname.lastname@example.org for more information.