raspberry pi security software freedom day 2013
play

Raspberry Pi & Security Software Freedom Day 2013 Peter Oakes - PowerPoint PPT Presentation

Nov 03, 2022 •20 likes •270 views

Raspberry Pi & Security Software Freedom Day 2013 Peter Oakes IT/Cyber Security What is it? Covers everything from 'physical' to user interactions Why care? IT provides assets/resources We depend on these resources

  1. Raspberry Pi & Security Software Freedom Day 2013 Peter Oakes

  2. IT/Cyber Security ● What is it? – Covers everything from 'physical' to user interactions ● Why care? – IT provides assets/resources – We depend on these resources – Store our information (confidential) – Control our information (integrity) – Provide information (availability)

  3. Security = Easy ● Kind of... – Lots of terms and technologies, Firewall, port, encryption, RSA etc ● Back to basics – Think about we want to secure – Understand how security is configured – Similar to securing a house..

  4. Raspberry Pi ● Aim to monitor and report security threats – Protecting and securing the device ● Out of the box install is insecure – Requires user to configure (harden) ● Electronics provide enhancements – Alerting/notification

  5. Hack Yourself Need to understand what needs securing ● 'Discovery' exercise ● Who, what is on your network – Types of traffic – What ports are available – Incorrect configurations, out of date software – Several utilities ● Kali (Linux distribution 300+ tools) – Command line utilities – Web based (www.grc.com) –

  6. Example Usage Kali ● Netdiscover – Zenmap – Nmap – Intrace – Tcpflow –

  7. Securing The House Secure the house ● Fit doors – Add locks – Secure Windows....Not the Microsoft – type Establish secure entry i.e. letterbox – Hide away valuables – Fit alarms and video camera – ... Have a guard dog or hire a bouncer – Result ● Allows communication (letters) – Protects assets – Monitors and alerts owner –

  8. Securing The Pi ● Lock our doors – IP Tables installed ● Monitor for suspicious behaviour – Log events – This is our video camera... ● Alert – Analyse events – Report events – This is our alarm/guard dog

  9. IP Tables ● Its a rule-based firewall ● By default no rules defined ● To block an IP /sbin/iptables -I INPUT -s 192.168.0.5 -j DROP – DANGER: You can lock yourself out – ● To accept an IP /sbin/iptables -I INPUT -s 192.168.0.5 -j ACCEPT – ● To view the rules /sbin/iptables -L –

  10. Logging ● By default most messages are recorded in: /var/log/messages – ● View it in real-time Tail -f /var/log/messages – ● Try it Logger “hello SFD 2013” – ● Very important resource ● Used for audit/diagnosing problems ● Other applications depend on these logs

  11. Port Scan Attack Detector ● Software to report on attacks ● Monitors log events ● Has own rules ● View status: Psad -S – ● Can set blacklist and whitelists ● Custom Python script – Electronics via GPIO

  12. PSAD ● Typical deployment of PSAD ● Detect probes for various backdoor programs

  13. Launch an Attack ● Virtual Machine with Kali ● Probing the network Nmap -sV 192.168.0.2 #what services – Nmap -O 192.168.0.2 #what OS – Nmap --open 192.168.0.2 #open ports – Nmap -sA 192.168.0.2 #is there a FW? – Nmap –iflist – Nmap -sF 192.168.0.2 – ● Attack example: sudo hping3 -i u1 -S -p 80 192.168.0.2 –

  14. The Pi ● 'Attack' VM is Kali ● Attacker using Kali probes network ● Pi logs activity from probe ● Pi flags activity as suspect ● Pi alerts user via LEDs and LCD

  15. Tools ● Wireshark ● Capture and filter packets (network traffic) ● Previous attack, all SYN flags set, syn flood attack = Denial of Service ● Can filter tcp.flags.syn==1 ● IP tables stop/limit this: iptables -A INPUT -p tcp --syn -m limit --limit 1/s --limit-burst 3 -j RETURN –

  16. Denial of Service

  17. Pi Development ● Hardware – LCD – LEDs – I2C (provides more Pins/IOs) – Button ● Software – Python – Various libraries SMBus for I2C, GPIO – Notepad++

  19. Pi Development ● Code maintained on Pi ● Developed on laptop ● Uses SFTP (SSH) – Accesses Pi remotely (download/upload) – Can't test on laptop i.e. libraries and devices on Pi ● Code managed by Git (VCS to bitbucket) ● Adafruit provides an excellent IDE called WebIDE – Web based, allows debugging from any device

  22. Closing Remarks ● Passwords are like underwear....

  23. Useful Links How secure is your network: ● http://www.linuxuser.co.uk/tutorials/how-safe-is-your-network-kali-tutorial IP Tables: http://www.howtogeek.com/168132/using-iptables-on-linux/ ● Essential Linux Commands: http://community.linuxmint.com/tutorial/view/244 ● PSAD: http://www.cyberciti.biz/faq/linux-detect-port-scan-attacks/ ● Nmap: ● http://www.cyberciti.biz/networking/nmap-command-examples-tutorials/ HPING: http://www.binarytides.com/tcp-syn-flood-dos-attack-with-hping/ ● IP Tables vs DOS: ● http://www.cyberciti.biz/tips/howto-limit-linux-syn-attacks.html ●

  24. Mail Box Issue ● sudo touch /var/mail/pi ● sudo chown pi:mail /var/mail/pi ● sudo chmod o-r /var/mail/pi ● sudo chmod g+rw /var/mail/pi

  25. Getting Started ● Kali (root/pa33word) ● Pi (pi/pwd123.card) ● Load IP tables = ● sudo /sbin/iptables-restore < ~/iptables.up.rules ● Restart PSAD ● sudo /etc/init.d/psad restart

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduction to the Introduction to the Raspberry Pi 3 B+ Raspberry Pi 3 B+ What is a Raspberry

Introduction to the Introduction to the Raspberry Pi 3 B+ Raspberry Pi 3 B+ What is a Raspberry

Introduction to the Introduction to the Raspberry Pi 3 B+ Raspberry Pi 3 B+ What is a Raspberry Pi? What is a Raspberry Pi? Small computer Runs Linux OS Raspberian CanaKit Raspberry Pi 3 B+ Startup Startup Open

502 views • 11 slides
Raspberry Pi By Declan Fox Raspberry Pi The Raspberry Pi is a series of credit card- sized

Raspberry Pi By Declan Fox Raspberry Pi The Raspberry Pi is a series of credit card- sized

Raspberry Pi By Declan Fox Raspberry Pi The Raspberry Pi is a series of credit card- sized single-board computers developed by the Raspberry Pi Foundation to promote the teaching of basic computer science . Raspberry Pi Advantages Access

579 views • 5 slides
Physical computing with Python and Raspberry Pi Ben Nuttall Raspberry Pi Foundation Ben Nuttall

Physical computing with Python and Raspberry Pi Ben Nuttall Raspberry Pi Foundation Ben Nuttall

Physical computing with Python and Raspberry Pi Ben Nuttall Raspberry Pi Foundation Ben Nuttall Education Developer Advocate at Raspberry Pi Foundation Software &amp; project development Learning resources &amp; teacher training

718 views • 44 slides
BeyondCorp: Beyond fortress security BA.net Private Cloud Office Open Source Software Freedom,

BeyondCorp: Beyond fortress security BA.net Private Cloud Office Open Source Software Freedom,

BeyondCorp: Beyond fortress security BA.net Private Cloud Office Open Source Software Freedom, flexibility, low cost, no vendor lock-in, no jumping through monopoly license hoops, byod, local software, hybrid cloud, retire old firewalls, new

763 views • 32 slides
Introducing HPC with a Raspberry Pi Cluster A practical use of and good excuse to build Raspberry

Introducing HPC with a Raspberry Pi Cluster A practical use of and good excuse to build Raspberry

Introducing HPC with a Raspberry Pi Cluster A practical use of and good excuse to build Raspberry Pi Clusters Colin Sauz &lt;cos@aber.ac.uk&gt; Research Software Engineer Super Computing Wales Project Aberystwyth University Overview

193 views • 18 slides
Protecting Your Privacy in the Digital Age Steve Revilak Software Freedom Day Sep. 21, 2013 1 /

Protecting Your Privacy in the Digital Age Steve Revilak Software Freedom Day Sep. 21, 2013 1 /

Protecting Your Privacy in the Digital Age Steve Revilak Software Freedom Day Sep. 21, 2013 1 / 26 State Surveillance Over the summer, weve learned about a number of NSA programs that spy on . . . , well, just about everyone.

753 views • 26 slides
Building a quadcopter 5HC99 Group 3 Outline Hardware Software Tuning Video

Building a quadcopter 5HC99 Group 3 Outline Hardware Software Tuning Video

Building a quadcopter 5HC99 Group 3 Outline Hardware Software Tuning Video Demo Hardware Standard frame Two Raspberry PI's Two camera's Barometer Battery alarm Raspberry PI Two Raspberry PI's

275 views • 12 slides
Qt on Raspberry Pi Jeff Tranter Integrated Computer Solutions (ICS) Qt Developer Days 2012

Qt on Raspberry Pi Jeff Tranter Integrated Computer Solutions (ICS) Qt Developer Days 2012

Qt on Raspberry Pi Jeff Tranter Integrated Computer Solutions (ICS) Qt Developer Days 2012 www.ics.com Agenda What is the Raspberry Pi? Raspberry Pi Foundation Hardware Software QtonPi Distribution QtonPi Device

716 views • 38 slides
Verified Boot and Free Software: Reconciling Freedom and Security Paul Kocialkowski

Verified Boot and Free Software: Reconciling Freedom and Security Paul Kocialkowski

Verified Boot and Free Software: Reconciling Freedom and Security Paul Kocialkowski contact@paulk.fr Monday July 4 th 2016 Introducing Verified Boot and Related Issues Introducing Verified Boot and Related Issues Bootup Process BIOS History

947 views • 39 slides
Raspberry Pi Update - Encourage your IoT Masafumi Ohta Japanese Raspberry Pi Users Group WHO AM

Raspberry Pi Update - Encourage your IoT Masafumi Ohta Japanese Raspberry Pi Users Group WHO AM

Raspberry Pi Update - Encourage your IoT Masafumi Ohta Japanese Raspberry Pi Users Group WHO AM I - Now leading Raspberry Pi Users Group,A Japanese Raspberry Pi Community here in Japan. - Volunteer for Raspberry Pi Foundation - one of the

1.32k views • 44 slides
Raspberry Pi Overview West Chester Amateur Radio Association January 14, 2013 Monthly Program

Raspberry Pi Overview West Chester Amateur Radio Association January 14, 2013 Monthly Program

Raspberry Pi Overview West Chester Amateur Radio Association January 14, 2013 Monthly Program Meeting Presenter: Scott Pettigrew - N8VSI What is a Raspberry Pi? Credit-card sized general-purpose computer Boots from SD Card System

221 views • 11 slides
CYBER SECURITY : WI-FI HACKING WITH A RASPBERRY PI NAME : ZUKISA SURNAME : DYANTYI STUDENT #

CYBER SECURITY : WI-FI HACKING WITH A RASPBERRY PI NAME : ZUKISA SURNAME : DYANTYI STUDENT #

CYBER SECURITY : WI-FI HACKING WITH A RASPBERRY PI NAME : ZUKISA SURNAME : DYANTYI STUDENT # : 3567302 TERM 3 : IMPLEMENTATION SUPERVISOR : DR. M NORMAN CO-SUPERVISOR : MR. M MUYOWA BACKGROUND INCREASE OF CONNECTED DEVICES

122 views • 8 slides
deel 2 sws1 1 Software and Web Security - 1 &amp; 2 Software is the main source of security

deel 2 sws1 1 Software and Web Security - 1 &amp; 2 Software is the main source of security

Software and Web Security deel 2 sws1 1 Software and Web Security - 1 &amp; 2 Software is the main source of security vulnerabilities esp in systems accessible via a network part 1 security problems in machine code, compiled from C(++)

1.35k views • 67 slides
Making Your Own Open Source Raspberry Pi HAT Leon Anavi Konsulko Group leon.anavi@konsulko.com

Making Your Own Open Source Raspberry Pi HAT Leon Anavi Konsulko Group leon.anavi@konsulko.com

Making Your Own Open Source Raspberry Pi HAT Leon Anavi Konsulko Group leon.anavi@konsulko.com leon@anavi.org FOSDEM 2017 Agenda Raspberry Pi HAT Designing an open source hardware Software support Raspberry Pi HAT != HAT Hat

425 views • 27 slides
Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 &amp; 2 y Software

Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 &amp; 2 y Software

1 Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 &amp; 2 y Software is the main source of security vulnerabilities esp in systems accessible via a network i t ibl i t k part 1 part 1 security problems

672 views • 65 slides
The Art of DJing, Psychedelic Therapy, and Software Freedom A Proposal for Using Music to

The Art of DJing, Psychedelic Therapy, and Software Freedom A Proposal for Using Music to

The Art of DJing, Psychedelic Therapy, and Software Freedom A Proposal for Using Music to Maximize Therapeutic Outcomes Be Wilson MD candidate, University of Illinois at Chicago Mixxx DJ Software developer Introduction Feel free to ask

503 views • 17 slides
Leveraging other data sources with flow to identify anomalous network behavior Peter Mullarkey,

Leveraging other data sources with flow to identify anomalous network behavior Peter Mullarkey,

Leveraging other data sources with flow to identify anomalous network behavior Peter Mullarkey, Peter.Mullarkey@ca.com Mike Johns, Mike.Johns@ca.com Ben Haley, Ben.Haley@ca.com FloCon 2011 Goal and Approach Goal: Create high quality

416 views • 23 slides
Junior Debt Income Producing Student Residence Location: South-Western Ontario Property

Junior Debt Income Producing Student Residence Location: South-Western Ontario Property

Junior Debt Income Producing Student Residence Location: South-Western Ontario Property Type: 750 bed student residence / apartment building Loan Amount: $75,000,000 first mortgage loan ($100,000 / bed) Term: 3 years DSC Ratio: 1.05x

348 views • 5 slides
ECN Capital Update SEPTEMBER 14, 2017 MAKING CAPITAL WORK ECN BUSINESS OVERVIEW 1 MAKING

ECN Capital Update SEPTEMBER 14, 2017 MAKING CAPITAL WORK ECN BUSINESS OVERVIEW 1 MAKING

ECN Capital Update SEPTEMBER 14, 2017 MAKING CAPITAL WORK ECN BUSINESS OVERVIEW 1 MAKING CAPITAL WORK Strategic Plan Execution CONSISTENT AND ON MESSAGE Transition continues from legacy businesses to businesses with higher growth, increased

659 views • 22 slides
FY 2018 GRUPO ORTIZ RESULTS PRESENTATION Concessions Energy Construction Services Property

FY 2018 GRUPO ORTIZ RESULTS PRESENTATION Concessions Energy Construction Services Property

FY 2018 GRUPO ORTIZ RESULTS PRESENTATION Concessions Energy Construction Services Property Audited data december 2018 May 2019 INDEX 1. Revenues and EBITDA Pg 3-6 2. Grupo Ortiz Description Pg 7-8 3. Consolidated Results Pg 9-10 4.

589 views • 40 slides
Corporate Presentation August 2020 (TSX-V: PJX) Project X Innovation Unlocking Potential

Corporate Presentation August 2020 (TSX-V: PJX) Project X Innovation Unlocking Potential

Corporate Presentation August 2020 (TSX-V: PJX) Project X Innovation Unlocking Potential of a Gold and Base Metal Mining Camp. Disclaimer Some of the information in this presentation has been extracted from the prospectus and NI 43-101

308 views • 17 slides
The New Deutsche Bank Towers The modernization of our headquarters is setting global standards

The New Deutsche Bank Towers The modernization of our headquarters is setting global standards

Deutsche Bank The New Deutsche Bank Towers The modernization of our headquarters is setting global standards December 2010 Deutsche Banks twin towers are becoming Content a Green Building. 1 Introduction 1 Introduction of the

88 views • 7 slides
n a h d a r P a y 2 m 1 a 0 R 2 g : r n e i t r n p e S s , e 5 r

n a h d a r P a y 2 m 1 a 0 R 2 g : r n e i t r n p e S s , e 5 r

Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds n a h d a r P a y 2 m 1 a 0 R 2 g : r n e i t r n p e S s , e 5 r 3 P 1 6 P A C : e s r u o C Author

660 views • 44 slides
FASTER Overview Aspa Tzeletopoulou Alexios Vlachopoulos 833507 FASTER

FASTER Overview Aspa Tzeletopoulou Alexios Vlachopoulos 833507 FASTER

FASTER Overview Aspa Tzeletopoulou Alexios Vlachopoulos 833507 FASTER H2020-SU-SEC-2018-2019-2020/H2020-SU-SEC-2018 1 Project funded by: EUROPEAN UNION - Research Executive Agency (REA) Project Information First responder Advanced

312 views • 14 slides

More recommend