Home Detect VPN Share Reset LEDs



Little Snipper (v2) User Guide






Step 1. Checklist

Little Snipper
Power
Ethernet cable
Access to a router with a connection to the Internet
Smartphone, tablet computer or laptop
The Wi-Fi and Administrator login details we've given you




Step 2. Connect Little Snipper to the Internet


Before powering on Little Snipper, plug your Ethernet cable to the port labeled WAN on the Little Snipper to a port labeled LAN on your router.




Step 3. Power it up


Now plug Little Snipper into the power. You'll need to fold out the power pins and connect an adaptor if you're outside the US.

NOTE: It takes 30 seconds for the red LED to activate.



Step 4. Connect and register

After a short while Little Snipper will start blinking, 1 flash every 5 seconds. This indicates idle mode, when Little Snipper is waiting for you to connect.

With your phone, tablet or laptop, look for a Wi-Fi network that matches the network name we gave you. It'll be something like unplug_XXXX, where "XXXX" are 4 letters and/or numbers. Connect to it using the Wi-Fi password we also gave you, noted down in Step 1.

Once you've connected, visit 10.10.10.1 in your browser. You will be taken to a page that looks like this:

Now log into the configuration pages using the default owner username (always admin) and password (default plugunplug).

Next you'll be asked to give Little Snipper an email address on which to receive alerts from the device. This step is important and necessary.

Once done, you will have access to the main menu:





Step 5. Change passwords (optional, advised)

There are 3 passwords governing access to Little Snipper:

  1. Wi-Fi password - needed for any device (like a smartphone or laptop) to connect to Little Snipper
  2. Administrator password - needed to control and/or configure Little Snipper using the on-screen interface
  3. Root (via ssh) password - to access Little Snipper using the UNIX command line / shell (for developers, security auditers and tinkerers)
To change passwords (1) and (2), click on the Settings icon at the top of the screen. You'll be taken to the following screen:

Change Wi-Fi password

The most important password is the Wi-Fi password: aside from physical access it governs who can access both the admin menu and command line (using ssh). For this reason it's important you change it to one other than the default we gave you.

To change the Wi-Fi password click on the Wi-Fi Hotspot Setup . Here you can change not only the Wi-Fi password, but the network name and channel of your Little Snipper's network:

Change admin password

This is the password for the configuration pages of your Little Snipper. It's important to have this area protected so that you can give others access to Little Snipper (for instance, to enjoy private Internet browsing or sharing files from a USB stick) without them being able to commandeer the device. To access this menu, choose Admin Password from the configuration menu:

Change root password using the command line

Access to the command line of Little Snipper is only available over the Wi-Fi (whose password you govern) and Ethernet cable on the LAN port. As the firmware part of the device is based on OpenWrt, Little Snipper is a single-user system, with a root user behind the ssh port on its Wi-Fi or Ethernet LAN. In this sense, physical access to the device is a (albeit unlikely) point of vulnerability.

The root password for your device is unique and strong, generated during the firmware-flashing part of the production process, by us. In fact, we didn't put the root password on the sticker to significantly reduce the possibility of the device being compromised on the way to you.

To retrieve the unique root password for your device, please email support <at> plugunplug.net, using the email account we've been in touch with before. State your name alongiside the serial number on the sticker. We'll then give you the password for your particular device.

You should then log in immediately and change it using the following commands on a device with ssh (Secure Shell) installed:

ssh root@10.10.10.1
passwd

NOTE: In no way is it ever possible for us to remotely connect to your device. Little Snipper's firewall blocks all attempts to log in using ssh (or any other means) from outside its LAN. Simply put, we've deliberatrely locked ourselves out of accessing your device! Those sufficiently knowledgeable can see this for themselves, by reviewing the file /etc/config/firewall on the device.




Step 6. Give Little Snipper something to do

Little Snipper can be used in three different ways:

  1. Detect spy devices - detect and/or disconnect (International Model) surveillance devices
  2. Connect to VPN - encrypt your Internet traffic using a Virtual Private Network
  3. Create a Wi-Fi bridge - connect Little Snipper to the Internet using another Wi-Fi network
  4. Share files over Wi-Fi - share files from a USB stick over Little Snipper's Wi-Fi network


NOTE: With nothing selected, Little Snipper works as an efficient and secure little Wi-Fi router.


Detect spy devices

As the name implies, Detect spy devices sets Little Snipper up as a guard dog, keeping an eye out for wireless devices known to be used to compromise personal privacy. Those with the non-USA model also have the option of disconnecting those devices as it finds them, breaking wireless uploads and streams of video, audio and image content to the Internet (or another device, such as a phone in a car outside).

NOTE: Little Snipper will alert by email should it detect something. For this to work, it's important Little Snipper remains connected to the Internet. Long LED pulses indicate a target has been discovered.


Go through and choose the devices you'd like Little Snipper to keep an eye out for, using the drop down menus and toggle buttons. Choose Select all to do just that:


When finished with your selection, select NEXT.

Detect spy devices: Screen 2


Alerts Only

This mode does no disconnection. It just continuously keeps a look out for devices you've selected to detect and sends you an alert you if it does.

All Out

This mode will disconnect devices you've selected on any network they use, including Wi-Fi tethers to phones. After disconnection, Little Snipper will send you an alert by email.This is the only way to 'blind' camera drones on (2.4Ghz) and devices like DropCam and Google Glass. Please note that this mode may not be legal in your given jurisdiction. Use with caution and care.

Territorial

Choose networks on which to disallow connections. This is useful if, for instance, you work at an office and wish to disconnect spy devices installed/used by colleagues or office guests.

Quick Sweep

This tells Little Snipper to sweep once across all 2.4GHz Wi-Fi channels looking for the devices you've selected for detection. A sweep cycle takes around 2 minutes. No disconnection is performed.

Detect spy devices: Screen 3


Now it's time to review the settings and arm Little Snipper. After hitting ARM DEVICE Little Snipper's Wi-Fi will go down as it needs to use its antenna for detection. Check your email and look out for long LED pulses to indicate a target device has been detected.

NOTE: You can also connect to Little Snipper over Ethernet on the LAN port to read reports from the detector.






Connect to VPN

Rather than locking out spies in your physical environment, the Connect to VPN menu is concerned with locking out spies from your Internet traffic.

Little Snipper does this by using a Virtual Private Network , routing all traffic from devices connected to Little Snipper over an encrypted tunnel, exiting wherever the VPN server you have chosen resides in the world. This ensures that your traffic is opaque to all the companies, governments and other entities between your device and the VPN server at the exit point, at the other end. More so, it changes the geographical location of your Internet traffic: so, if you are in the USA and using Little Snipper with a Swedish VPN server, you will appear to a website hosted in Australia (or any other country) as a device in Sweden.

NOTE: Encrypting your Internet traffic protects your privacy along the route but does not guarantee your anonymity at the site or service you are resourcing! Your browser fingerprint alone is often unique enough to be correllated with an existing record by the owner/admin of the site you are visiting. For this reason, we recommend using the Tor Browser if the need for anonymity is paramount.

Connect to VPN: Screen 1


Cyborg Unplug VPN

Our premium customers have the option of using the Cyborg Unplug VPN based in Germany. This service includes the unique feature of wrapping the traffic in a stealthy SSL sheath, an encrypted layer that disguises the VPN traffic as standard port 443 traffic (online-banking, Flickr or Google traffic etc).

In doing so, this method evades firewalls that are trained to look for VPN traffic, making it very difficult to detect and block. For this reason, the Cyborg Unplug VPN may be useful in regions where VPN traffic is disallowed, circumventing censorship and non-net-neutral policies.

Configure new VPN

Here you can upload an Open VPN configuration file you have downloaded from a VPN service provider, your own VPN. Provide the username and password, as required. NOTE: we can't guarantee the security of any third-party service here.



Connect to VPN -> Configure a VPN


Here you can upload an OpenVPN configuration file (ends with ovpn) and enter the username and password, if required.




Connect to VPN -> Configure a VPN -> Start VPN





Create Wi-Fi bridge

This option allows you to avoid using Ethernet cables to connect Little Snipper to the Internet. Simply select a Wi-Fi network that you have access to from the drop-down menu, enter the password (if required), and Little Snipper will attempt to connect to that network. Please note this can take a while. Once done, you should see in the status bar that you are connected to the Internet.

Selecting Save this network will allow you to use it later, without needing to re-enter the passphrase.

Selecting Make this my default connection is intended for static installations of Little Snipper, whereby the device will always attempt to connect to that same remote Wi-Fi network each time it is powered on.



Share files over Wi-Fi

Choosing this option to share files on a USB stick with every device connected to Little Snipper's Wi-Fi network. This is particularly useful in classroom and meeting situations as it does away with the need for DropBox - in fact the Internet altogether - to share files between one-another.

Simply plug in your USB stick and choose refresh. The stick will mounted and its contents made available to the network. Anyone you've given the Wi-Fi password to Little Snipper can then visit 10.10.10.1 in their browser and download the files on the USB stick, just as they would from a site on the Internet.

File systems supported include VFAT (default with all USB sticks when bought), HFS and EXT2/3/4.


Reset Little Snipper, reverting to default passwords

To reset the device, insert a small object into the hole marked 'Reset', for 15 complete seconds, while the device is powered. Only remove that object when the LED shows a continuous (non-blinking) pulse. Then, once the LED stops flashing, wait for the device to reboot (about 1m). IMPORTANT: Do not unplug the device during the reset cycle!

LED flash patterns/indicators