bacnethelp.com

I’ve done it!

My first real, service providing, payment subscription website. I must say it took longer than what I was expecting… (Paypal’s API is a bitch; many things don’t act like described in their manual).

Encryption

Because I like privacy and encryption, I made sure BACnethelp.com would abide by these principles. What? You want me to encrypt only the payment section? Well first of all it wasn’t really necessary, as the payment section really is on the Paypal side. But even then, I only have this to say:

https://frozenlock.files.wordpress.com/2012/06/wpid-encrypt-all-the-things.png

That’s right! Every single page is encrypted. No one on your network can see what you are looking at! They can, however, see that you are browsing BACnethelp.com because of the DNS resolving which isn’t encrypted. Hopefully this will change sooner rather than later.

Needless to say, I made sure that all the passwords are not saved in plain-text. This might seems self evident, but I’m constantly surprised by the number of website not doing it the right way. In fact, if a website gives you a maximum length for your password, run. Run as fast as you can, because this is a really, really bad sign.

What it does

But really, what does my website do? It enables you to see what’s on your BACnet network.

BACnet
A Data Communication Protocol for Building Automation and
Control Networks
– BACnet.org

By that I don’t mean there isn’t already some tools to browse a BACnet network. Unfortunately for the user, those tools often cost more than a thousand dollar for a single license. Add some more thousands if you want to save the data in a database, or add a web-server. Want to use BACnet at home? Well this seems like a good choice; take one of your micro-controllers, add it a BACnet stack and you’re rolling baby! Except won’t you be able to retrieve the data easily. This is the weird state of BACnet right now. Yes, its main goal is integrability, yet most of us can’t see what’s on the network unless we drop only a grand or two.

This is where BACnet help comes in. Tada! By running a little application, you are able to scan the entire network in a single swoop. It’s grabbing everything: IP addresses, MAC addresses, current values, descriptions, out-of-service, (…) trend-logs and even backups! It takes a snapshot of your network. “How was the network when I finished servicing it? Does someone played with some values and caused havoc?” All you need to do, is press a single button: https://frozenlock.files.wordpress.com/2012/06/wpid-bacnethelp-scanner1.png

This couldn’t be any simpler. Of course there’s some advanced settings if you want to customize a little more your scanning experience.

In other words, this is what BACnet help lets you do: Scan and see your network.

Constraints

As many of you probably determined by now, the scanner doesn’t provide a real time view of the network; it’s a snapshot. It’s not meant to send commands, only to see your network. One of the constraints I had to cope with was that some of BACnet’s heavy users don’t have an Internet access on the same network. I know, I know, why the hell not. On one side it would be silly to hack into a system only to change a room temperature set point. On the other side, there’s no authentication (that I know of) on the BACnet network. Anyone can just connect to port 47808 and voilà!

So how can I take a snapshot of a network and send it to BACnet help later, when the user has an Internet access? The resulting file must also be able to go through most firewalls (to send it via email). Finally, the most important point, the user must be able to use it. (In the HVAC world, there’s some people still sending faxes, don’t expect them to know how to do the simplest computer task. Don’t get me wrong, they might be gods to maintain a boiler system… but they suck at computers. Nobody can do everything.) What’s the solution for an easy to use file, usable on any machine and transparent to firewalls? An HTML file! All data is crammed inside it, ready to be send when the user click on the “Send” button.

Now calm down, I know what you are thinking “Won’t all this info help others reverse engineer your so-nice-I-wish-I-could-marry-it network scanner? Well no, because…

Open source

The scanner is open source! You can grab the source whenever you want! I must warn you, many shortcuts where taken as I didn’t need the entire BACnet range of functions to do what I wanted. You can check the BACnet4J library if you want to build something more hardcore. Because I’m also a big fan of free softwares, I must mention that the scanner works on the JVM (written in Clojure), meaning it can also work on GNU/Linux! The .exe scanner is simply a wrapped .jar, meaning that you can open it using the Java runtime.

So I need to pay to use it?

Only if you use it extensively! As a non-subscriber, you can save up to 3 projects, each with a maximum of 5 devices. This is more then enough for a home project! You can also delete devices you don’t use and put new ones in their places. The important thing here is to stay below the maximum number. Unless you are using it extensively, it’s 100% free!

Please, try it! I would love to have your feedbacks!


4 responses to “bacnethelp.com

  • Coleman Brumley

    “By that I don’t mean there isn’t already some tools to browse a BACnet network.”

    Not true, several vendors make these types of tools. Check out BACnet Quick Test (BQT) from PolarSoft.

    “Unfortunately for the user, those tools often cost more than a thousand dollar for a single license.”

    Again not generally true. This may be true of some BACnet vendors’ tools, but BQT is inexpensive. It can be licensed individually or in bulk, and it’s certainly not thousands of dollars.

    “Add some more thousands if you want to save the data in a database, or add a web-server.”

    Again, not true in the case of BQT. It’s capable of exporting device, object, and property data into XML, HTML, or TXT formats.

    • Frozenlock

      You misunderstood me in your first quote: “By that I don’t mean there isn’t already some tools to browse a BACnet network.” So yes, I already acknowledged there’s some existing tools.

      I was quite excited when I read your mention of BACnet Quick Test, hoping to find something useful. Unfortunately I didn’t find any download link on the site. No demo? Well, let’s check the price… Oh, there isn’t one.

      Is it also compatible with Windows Vista? Windows 7? Windows 8? The description only says 98/Me/NT4/2000 and XP.

      “Again not generally true. This may be true of some BACnet vendors’ tools, but BQT is inexpensive. It can be licensed individually or in bulk, and it’s certainly not thousands of dollars.”

      So tell me, how much?

      I’ve already written about this kind of behaviour, where a seller won’t give you the price unless you “ask” for it first. http://frozenlock.org/2011/11/27/playing-hard-to-get/

      “Again, not true in the case of BQT. It’s capable of exporting device, object, and property data into XML, HTML, or TXT formats.”

      Which aren’t, per se, saved in a database. Printing a page isn’t the same as maintaining a library.

      I’ve also checked the Polarsoft website for any clue about BQT exporting in various format. Nothing.

      I’ve got nothing against criticism. And I would take yours gladly, as it seems your are on the BACnet committee… but this is just a pathetic attempt at making publicity for your product, without even trying to understand what I’ve written.

      Should I mention http://www.arduino.cc/cgi-bin/yabb2/YaBB.pl?num=1292953663, where you registered in 2010, added “Arduino rocks” in your signature, posted 4 times in a single thread (to mention your Polarsoft) and then disappeared?

  • jandasoft15601

    You’re correct, I misquoted and misunderstood that first line in my reply. When I read this, I interpreted this as “there are no tools available for browsing the BACnet network.” Which isn’t what you were saying.

    However, you made some generalities that I simply wanted to reply to you about.

    For example, “yet most of us can’t see what’s on the network unless we drop only a grand or two”. This simply isn’t true.

    You’re post about “Playing hard to get” is an interesting observation about the industry. But, I think you fail to understand that the companies you’re talking about distribute their products through dealer channels, not retail.

    Now, regarding your comments about BQT (I will ignore you attempts at insulting me, sir):

    Yes, there is a demo. Anyone may simply contact info@polarsoft.com and we’re happy to provide a fully functional demo version which expires in 60 days.

    Unfortunately the web page is very out of date, and this is a fair criticism.

    BQT v6.04, which is the latest revision is fully compatible with Windows XP/Vista/7 and fully supports protocol revision 12 of 135-2010.

    While those formats aren’t databases per se, they are OPEN formats. And the XML schema is the schema specified by the standard.

    As far as pricing, you are correct, we don’t normally publish pricing. Again, this is readily available simply by asking, which apparently you have not.

    This not an “attempt to shill my product”. If you had bothered to read the Arduino post completely, you would note that I mentioned several other products including the open source stack, even encouraging the OP to have a look at the open source BACnet stack on Sourceforge and pointing other commenters to general BACnet resources. I stopped replying to the thread when it appeared to me that the OP’s question had been answered and there were no further questions.

    • Frozenlock

      I’m glad you detailed a little more the state of your product.

      I would suggest a direct link to download a demo; I guess only a small fraction would take the time to mail you just to try the demo.

      I did ask for the price in my last comment. However I understand you want to give it directly to customers. So sure, there’s some alternative less expensive than a thousand dollars… but they hardly publicize their prices!

      The one I always stumble upon while searching for BACnet is Chipkin Automation Systems, with their BACnet Explorer priced at 750 $CAD per license . Anything less expensive?

      “While those formats aren’t databases per se, they are OPEN formats. And the XML schema is the schema specified by the standard.”
      Sure, and I’m all for open standards (It always pokes my boss when I export in .tsv or .txt instead of .xls.). But in this case, it wasn’t relevant to my post.

      For your implication on the Arduino forum (which was only this thread), this seemed a lot like “Oh, here’s an opportunity to push my product!”. A single reference to Polarsoft in your forum profile or signature would have been less intrusive. But hey, I might be wrong, in the end it’s the reader who decides what he sees.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: