I wanted to create a payment portal, where the offline users would connect to my store Hotspot and make online payments. However, due to obvious reasons, i would like the users to be able to connect to the payment portal only. Is there a way i could do a whitelisting (or Blacklisting) of the URLs to which the network packets are destined ? Is there possibility that source code of tethering could be modified and an application could be built upon it that would get the job done ? If yes, then can it be done without rooting the phone.
P.S - I don't want to use Proxy.
Related
As the question says, i was wondering if there is a safe, and non really complex way to send credentials from an APP to an ESP32, in this moment i made an app that connect via bluetooth and send the credentials via serial and it works, but this way has 2 issues, 1) its not safe (not encrypted/secured data), 2) you have to ask in the application the credentials (SSID and password of the wifi) and i think it should exist some way that avoids asking for data that is already known by the smartphone. Any guidance on this topic will be welcome, thanks in advance.
all apps which are used to configure devices like IoT hardware and smart devices, ask the user to enter the wifi credentials when configuring the device, which is then transferred via Bluetooth or wifi connection,(the device acts as an access point, mobile with app connects to that devices' AP). you can save credentials one time and automate the process of sending them afterward.
I'm trying to implement Android device administration on a range of company-owned devices. The network these devices will be on does not have an internet connection - It will only have Wi-Fi connection to the enterprise network.
I have the device working with a policy controller, all hard-coded into the app loaded via Android Studio.
My next step is creating an Enterprise Mobility Management (EMM) console, but the documentation seems to explain that it's cloud-based and require Google accounts. Is there a way to implement this functionality on an offline secure network without Google accounts?
Yes, there is a way to implement device management functionality on an offline network.
Headwind MDM, the project I am working on, is a self hosted mobile device management solution which can manage Android devices without Internet connection (using Wi-Fi or private APN in mobile networks). Also, it is open source so you can adjust the code for your needs.
The only exception is that you may need Internet connection during the initial setup of your Android devices, because some models require access to Google Play Protect when installing the device owner application.
I want to off mobile data for some specific apps,what I want is that if my mobile data is on then I can allow only whatsapp to access,no other app. I know its possible because some apps for same are available on google play but I am not getting any code for the same. I have googled a lot.Any help is appreciated.
Go to Settings > Data usage then you can see app usage and select each app and turn on restrict app background data.
You can make a VPN application. Within the application you can make a list which apps allowed to access internet and which apps not to allow it. Make sure the connection is through that VPN application. Then filter the connection in your VPN based on the lists
You can use VPN, build your own server and transmit all the traffic through that server, than you can filter all the traffic.
Maybe you can google "OpenVpn" or "ToyVPN" in android's sdk for some ref.
I am trying to create an android application for mobile device management.
I want to deny the internet access of a particular 'xyz' network to smart phone users unless they have my certain android application installed on their smart phones. Only those users, who have the application installed on their device should be able to access my 'xyz' network. What should I look into to achieve this? I am not sure what to google to find an answer. :)
If this is about security, it sounds like this would only secure the network from Android users and leave a gaping security hole for any other device. Or are you looking for an alternative to protecting WiFi with the standard clickwrap agreement before you can use the internet? Maybe it would help if you clarify your use of the term 'network'. The only other use I can think of is malware, so please clarify.
I suggest using standard internet security protocols for logging in - a password on a site secured with SSL, which the browser can remember. If it's specialty content, access it directly through the app where enhanced security can be handled automatically.
I am developing a application for mobile (iPhone and Android) maps based for a company. The company has deployed a wireless network to allow, by subscribing, internet access.
The idea of the mobile app is to give internet access only to that specific app to any ones that have it. In other words, company wants to allow to application to connect to this network.
My question is: is it possible to give access only to a specific application and what would be the most appropriate way? Is the app that "recognize" that network or network is in charge of give access to that specific app?
Any suggestion is very appreciated.
If you want to provide only app to connect to any network then you need to put some rules in IPTABLES in linux core (this needs your application to have root access) just like the firewall applications for android that monitors UIDs of applications accessing network
But you can do it the other way, implement some server calls that the particular network of the company will only be accessed through that particular app, Use some validation in http requests such as maintain a unique ID to differentiate your app/user that you can create during registration and during interacting with the network use the key for validation.
Generally speaking, a regular WiFi network won't have any facilities to allow a single application to access it. The mobile device OS associates itself with the WiFi network, and it will allow all applications to access it.
You could, however, use a proxy server that requires authentication. You could then build the authentication keys (for example, a client certificate) into the application such that only the application will be able to communicate through the proxy.