DIY security: Cool tools you can build yourself
Do-it-yourself (DIY) electronics is entering a golden age with the help of powerful, cheap, programmable devices like the Arduino microcontroller and Raspberry Pi minicomputer. Hobbyists and technology enthusiasts have flocked to those and other platforms to make everything from talking alarm clocks to robots to tablet computers.
But the DIY potential of these new platforms isn't limited to consumer applications. In the panoply of home-built tools is a wide range of security products, from malware scanners to virtual private network devices. Here is a look at some we like:
Virtual private network (VPN) software used to be reserved for government employees and folks who worked for security-conscious corporations. These days even the most casual web surfer on Starbucks' free Wi-Fi needs one. With its small size and low power consumption, the Raspberry Pi platform makes a great choice for a portable VPN you can stick in your laptop bag for use on the road, or to protect always-on connections like your home network. The folks at Lifehacker have a great tutorial on making your Raspberry Pi VPN by combining the minicomputer hardware with free and open source software (Hamachi from LogMeIn for the VPN and Privoxy for a web browsing proxy). Check it out!
Penetration testing is something of a dark art. While commercial tools exist from companies like Core Security and Immunity, most professionals still roll their own, often using a combination of proprietary and open source tools. In May, the folks over at Pwnie Express made that a lot easier, releasing Raspberry Pwn, an open source tool that lets enthusiasts turn their Raspberry Pi into a penetration testing and audit tool. Their software, released under the GNU public license, was built on Debian and bundles a small arsenal of common pen testing tools including netcat, wireshark, kismet, cryptcat and others. Bluetooth and wireless connectivity mean the device can be remotely controlled once deployed on a target network.
Malware isn't just for Internet-connected devices. With the spread of inexpensive, high-capacity portable drives, malware can easily jump over "air gaps" that separate standalone devices like PCs, servers and embedded systems from malware-prone network- and Internet-connected systems. How do you figure out if a given USB device you want to use is infected? One easy way is a portable scanner that you can plug the portable device into prior to using it. The folks at Icarus Labs tapped the Raspberry Pi platform to build just such a system as a proof of concept, and say it makes a high-powered scanner that leverages 44 separate AV engines to interrogate portable media.
Cellular intrusion detection system (CIDS)
As far back as DEFCON 20, security experts demonstrated how so-called "Evil Twin" attacks that are common in the Wi-Fi world can be ported to GSM networks used by cellular phones, while existing network security tools can't inspect cell traffic. Fortunately, fighting back against attacks transmitted over cellular networks doesn't have to be costly. Researchers from LMG Security showed how to make a low-cost cellular intrusion detection system using a Verizon Samsung Femtocell and the Snort open-source intrusion detection software. The CIDS developed by LMG was able to detect and alert on command and control traffic sent to a nearby infected mobile device.
Network backdoor/Trojan horse
The small form factor of Raspberry Pi devices makes them ideal for the most straightforward kind of hacking tool: the rogue device or Trojan horse. This tutorial shows how even a technically unsophisticated hacker could disguise a Wi-Fi enabled Raspberry Pi device inside a standard laptop power cord. Once planted on a target network, the device will create an SSH encrypted tunnel that would enable an external attacker to send and receive data, including malicious payloads, to the target network.
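
From the defender's side, the behaviour described above (an unknown internal device holding an SSH session open to an outside host) can be looked for in network flow records. The sketch below is an added example, not code from the article or the tutorial it mentions; the flow format, internal address range, asset inventory and one-hour threshold are all assumptions, and the sample records are constructed.

```python
import csv
import io
import ipaddress

# Constructed sample flow export (not real traffic).
# Columns: src, dst, dst_port, duration_s
SAMPLE_FLOWS = """\
10.0.5.10,10.0.9.20,22,5400
10.0.5.11,198.51.100.8,443,35
10.0.5.11,198.51.100.9,22,120
10.0.5.77,203.0.113.50,22,86400
10.0.5.10,203.0.113.60,22,7200
"""

INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # assumed internal range
INVENTORY = {"10.0.5.10", "10.0.5.11"}                # hypothetical known assets
LONG_LIVED_S = 3600                                   # assumed threshold: 1 hour


def is_internal(addr):
    """True if addr falls inside one of the assumed internal networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)


def find_suspect_tunnels(flow_text):
    """Return (src, dst, severity) for long-lived outbound SSH sessions."""
    findings = []
    for row in csv.reader(io.StringIO(flow_text)):
        if len(row) != 4:
            continue                      # skip blank or malformed lines
        src, dst, port, duration = row
        if not is_internal(src) or is_internal(dst):
            continue                      # only internal -> external flows
        if int(port) != 22 or int(duration) < LONG_LIVED_S:
            continue                      # short or non-SSH sessions ignored here
        # A source missing from the inventory matches the planted-device case;
        # a known host with the same pattern still deserves a look.
        severity = "high" if src not in INVENTORY else "review"
        findings.append((src, dst, severity))
    return findings


if __name__ == "__main__":
    for src, dst, severity in find_suspect_tunnels(SAMPLE_FLOWS):
        print(f"[{severity}] {src} -> {dst}: long-lived outbound SSH")
```

Port 22 is only a hint: a tunnel moved to another port would need a different signal, such as the inventory check on its own.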