raspberry pi security software freedom day 2013
play

Raspberry Pi & Security Software Freedom Day 2013 Peter Oakes - PowerPoint PPT Presentation

Nov 03, 2022 •20 likes •270 views

Raspberry Pi & Security Software Freedom Day 2013 Peter Oakes IT/Cyber Security What is it? Covers everything from 'physical' to user interactions Why care? IT provides assets/resources We depend on these resources

  1. Raspberry Pi & Security Software Freedom Day 2013 Peter Oakes

  2. IT/Cyber Security ● What is it? – Covers everything from 'physical' to user interactions ● Why care? – IT provides assets/resources – We depend on these resources – Store our information (confidential) – Control our information (integrity) – Provide information (availability)

  3. Security = Easy ● Kind of... – Lots of terms and technologies, Firewall, port, encryption, RSA etc ● Back to basics – Think about we want to secure – Understand how security is configured – Similar to securing a house..

  4. Raspberry Pi ● Aim to monitor and report security threats – Protecting and securing the device ● Out of the box install is insecure – Requires user to configure (harden) ● Electronics provide enhancements – Alerting/notification

  5. Hack Yourself Need to understand what needs securing ● 'Discovery' exercise ● Who, what is on your network – Types of traffic – What ports are available – Incorrect configurations, out of date software – Several utilities ● Kali (Linux distribution 300+ tools) – Command line utilities – Web based (www.grc.com) –

  6. Example Usage Kali ● Netdiscover – Zenmap – Nmap – Intrace – Tcpflow –

  7. Securing The House Secure the house ● Fit doors – Add locks – Secure Windows....Not the Microsoft – type Establish secure entry i.e. letterbox – Hide away valuables – Fit alarms and video camera – ... Have a guard dog or hire a bouncer – Result ● Allows communication (letters) – Protects assets – Monitors and alerts owner –

  8. Securing The Pi ● Lock our doors – IP Tables installed ● Monitor for suspicious behaviour – Log events – This is our video camera... ● Alert – Analyse events – Report events – This is our alarm/guard dog

  9. IP Tables ● Its a rule-based firewall ● By default no rules defined ● To block an IP /sbin/iptables -I INPUT -s 192.168.0.5 -j DROP – DANGER: You can lock yourself out – ● To accept an IP /sbin/iptables -I INPUT -s 192.168.0.5 -j ACCEPT – ● To view the rules /sbin/iptables -L –

  10. Logging ● By default most messages are recorded in: /var/log/messages – ● View it in real-time Tail -f /var/log/messages – ● Try it Logger “hello SFD 2013” – ● Very important resource ● Used for audit/diagnosing problems ● Other applications depend on these logs

  11. Port Scan Attack Detector ● Software to report on attacks ● Monitors log events ● Has own rules ● View status: Psad -S – ● Can set blacklist and whitelists ● Custom Python script – Electronics via GPIO

  12. PSAD ● Typical deployment of PSAD ● Detect probes for various backdoor programs

  13. Launch an Attack ● Virtual Machine with Kali ● Probing the network Nmap -sV 192.168.0.2 #what services – Nmap -O 192.168.0.2 #what OS – Nmap --open 192.168.0.2 #open ports – Nmap -sA 192.168.0.2 #is there a FW? – Nmap –iflist – Nmap -sF 192.168.0.2 – ● Attack example: sudo hping3 -i u1 -S -p 80 192.168.0.2 –

  14. The Pi ● 'Attack' VM is Kali ● Attacker using Kali probes network ● Pi logs activity from probe ● Pi flags activity as suspect ● Pi alerts user via LEDs and LCD

  15. Tools ● Wireshark ● Capture and filter packets (network traffic) ● Previous attack, all SYN flags set, syn flood attack = Denial of Service ● Can filter tcp.flags.syn==1 ● IP tables stop/limit this: iptables -A INPUT -p tcp --syn -m limit --limit 1/s --limit-burst 3 -j RETURN –

  16. Denial of Service

  17. Pi Development ● Hardware – LCD – LEDs – I2C (provides more Pins/IOs) – Button ● Software – Python – Various libraries SMBus for I2C, GPIO – Notepad++

  19. Pi Development ● Code maintained on Pi ● Developed on laptop ● Uses SFTP (SSH) – Accesses Pi remotely (download/upload) – Can't test on laptop i.e. libraries and devices on Pi ● Code managed by Git (VCS to bitbucket) ● Adafruit provides an excellent IDE called WebIDE – Web based, allows debugging from any device

  22. Closing Remarks ● Passwords are like underwear....

  23. Useful Links How secure is your network: ● http://www.linuxuser.co.uk/tutorials/how-safe-is-your-network-kali-tutorial IP Tables: http://www.howtogeek.com/168132/using-iptables-on-linux/ ● Essential Linux Commands: http://community.linuxmint.com/tutorial/view/244 ● PSAD: http://www.cyberciti.biz/faq/linux-detect-port-scan-attacks/ ● Nmap: ● http://www.cyberciti.biz/networking/nmap-command-examples-tutorials/ HPING: http://www.binarytides.com/tcp-syn-flood-dos-attack-with-hping/ ● IP Tables vs DOS: ● http://www.cyberciti.biz/tips/howto-limit-linux-syn-attacks.html ●

  24. Mail Box Issue ● sudo touch /var/mail/pi ● sudo chown pi:mail /var/mail/pi ● sudo chmod o-r /var/mail/pi ● sudo chmod g+rw /var/mail/pi

  25. Getting Started ● Kali (root/pa33word) ● Pi (pi/pwd123.card) ● Load IP tables = ● sudo /sbin/iptables-restore < ~/iptables.up.rules ● Restart PSAD ● sudo /etc/init.d/psad restart

Recommend

Introduction to the Introduction to the Raspberry Pi 3 B+ Raspberry Pi 3 B+ What is a Raspberry

Introduction to the Introduction to the Raspberry Pi 3 B+ Raspberry Pi 3 B+ What is a Raspberry

Introduction to the Introduction to the Raspberry Pi 3 B+ Raspberry Pi 3 B+ What is a Raspberry Pi? What is a Raspberry Pi? Small computer Runs Linux OS Raspberian CanaKit Raspberry Pi 3 B+ Startup Startup Open

502 views • 11 slides
Raspberry Pi By Declan Fox Raspberry Pi The Raspberry Pi is a series of credit card- sized

Raspberry Pi By Declan Fox Raspberry Pi The Raspberry Pi is a series of credit card- sized

Raspberry Pi By Declan Fox Raspberry Pi The Raspberry Pi is a series of credit card- sized single-board computers developed by the Raspberry Pi Foundation to promote the teaching of basic computer science . Raspberry Pi Advantages Access

579 views • 5 slides
Physical computing with Python and Raspberry Pi Ben Nuttall Raspberry Pi Foundation Ben Nuttall

Physical computing with Python and Raspberry Pi Ben Nuttall Raspberry Pi Foundation Ben Nuttall

Physical computing with Python and Raspberry Pi Ben Nuttall Raspberry Pi Foundation Ben Nuttall Education Developer Advocate at Raspberry Pi Foundation Software &amp; project development Learning resources &amp; teacher training

718 views • 44 slides
BeyondCorp: Beyond fortress security BA.net Private Cloud Office Open Source Software Freedom,

BeyondCorp: Beyond fortress security BA.net Private Cloud Office Open Source Software Freedom,

BeyondCorp: Beyond fortress security BA.net Private Cloud Office Open Source Software Freedom, flexibility, low cost, no vendor lock-in, no jumping through monopoly license hoops, byod, local software, hybrid cloud, retire old firewalls, new

763 views • 32 slides
Introducing HPC with a Raspberry Pi Cluster A practical use of and good excuse to build Raspberry

Introducing HPC with a Raspberry Pi Cluster A practical use of and good excuse to build Raspberry

Introducing HPC with a Raspberry Pi Cluster A practical use of and good excuse to build Raspberry Pi Clusters Colin Sauz &lt;cos@aber.ac.uk&gt; Research Software Engineer Super Computing Wales Project Aberystwyth University Overview

193 views • 18 slides
Protecting Your Privacy in the Digital Age Steve Revilak Software Freedom Day Sep. 21, 2013 1 /

Protecting Your Privacy in the Digital Age Steve Revilak Software Freedom Day Sep. 21, 2013 1 /

Protecting Your Privacy in the Digital Age Steve Revilak Software Freedom Day Sep. 21, 2013 1 / 26 State Surveillance Over the summer, weve learned about a number of NSA programs that spy on . . . , well, just about everyone.

753 views • 26 slides
Building a quadcopter 5HC99 Group 3 Outline Hardware Software Tuning Video

Building a quadcopter 5HC99 Group 3 Outline Hardware Software Tuning Video

Building a quadcopter 5HC99 Group 3 Outline Hardware Software Tuning Video Demo Hardware Standard frame Two Raspberry PI's Two camera's Barometer Battery alarm Raspberry PI Two Raspberry PI's

275 views • 12 slides
Qt on Raspberry Pi Jeff Tranter Integrated Computer Solutions (ICS) Qt Developer Days 2012

Qt on Raspberry Pi Jeff Tranter Integrated Computer Solutions (ICS) Qt Developer Days 2012

Qt on Raspberry Pi Jeff Tranter Integrated Computer Solutions (ICS) Qt Developer Days 2012 www.ics.com Agenda What is the Raspberry Pi? Raspberry Pi Foundation Hardware Software QtonPi Distribution QtonPi Device

716 views • 38 slides
Verified Boot and Free Software: Reconciling Freedom and Security Paul Kocialkowski

Verified Boot and Free Software: Reconciling Freedom and Security Paul Kocialkowski

Verified Boot and Free Software: Reconciling Freedom and Security Paul Kocialkowski contact@paulk.fr Monday July 4 th 2016 Introducing Verified Boot and Related Issues Introducing Verified Boot and Related Issues Bootup Process BIOS History

947 views • 39 slides
Raspberry Pi Update - Encourage your IoT Masafumi Ohta Japanese Raspberry Pi Users Group WHO AM

Raspberry Pi Update - Encourage your IoT Masafumi Ohta Japanese Raspberry Pi Users Group WHO AM

Raspberry Pi Update - Encourage your IoT Masafumi Ohta Japanese Raspberry Pi Users Group WHO AM I - Now leading Raspberry Pi Users Group,A Japanese Raspberry Pi Community here in Japan. - Volunteer for Raspberry Pi Foundation - one of the

1.32k views • 44 slides
Raspberry Pi Overview West Chester Amateur Radio Association January 14, 2013 Monthly Program

Raspberry Pi Overview West Chester Amateur Radio Association January 14, 2013 Monthly Program

Raspberry Pi Overview West Chester Amateur Radio Association January 14, 2013 Monthly Program Meeting Presenter: Scott Pettigrew - N8VSI What is a Raspberry Pi? Credit-card sized general-purpose computer Boots from SD Card System

221 views • 11 slides
CYBER SECURITY : WI-FI HACKING WITH A RASPBERRY PI NAME : ZUKISA SURNAME : DYANTYI STUDENT #

CYBER SECURITY : WI-FI HACKING WITH A RASPBERRY PI NAME : ZUKISA SURNAME : DYANTYI STUDENT #

CYBER SECURITY : WI-FI HACKING WITH A RASPBERRY PI NAME : ZUKISA SURNAME : DYANTYI STUDENT # : 3567302 TERM 3 : IMPLEMENTATION SUPERVISOR : DR. M NORMAN CO-SUPERVISOR : MR. M MUYOWA BACKGROUND INCREASE OF CONNECTED DEVICES

122 views • 8 slides
deel 2 sws1 1 Software and Web Security - 1 &amp; 2 Software is the main source of security

deel 2 sws1 1 Software and Web Security - 1 &amp; 2 Software is the main source of security

Software and Web Security deel 2 sws1 1 Software and Web Security - 1 &amp; 2 Software is the main source of security vulnerabilities esp in systems accessible via a network part 1 security problems in machine code, compiled from C(++)

1.35k views • 67 slides
Making Your Own Open Source Raspberry Pi HAT Leon Anavi Konsulko Group leon.anavi@konsulko.com

Making Your Own Open Source Raspberry Pi HAT Leon Anavi Konsulko Group leon.anavi@konsulko.com

Making Your Own Open Source Raspberry Pi HAT Leon Anavi Konsulko Group leon.anavi@konsulko.com leon@anavi.org FOSDEM 2017 Agenda Raspberry Pi HAT Designing an open source hardware Software support Raspberry Pi HAT != HAT Hat

425 views • 27 slides
Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 &amp; 2 y Software

Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 &amp; 2 y Software

1 Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 &amp; 2 y Software is the main source of security vulnerabilities esp in systems accessible via a network i t ibl i t k part 1 part 1 security problems

672 views • 65 slides
The Art of DJing, Psychedelic Therapy, and Software Freedom A Proposal for Using Music to

The Art of DJing, Psychedelic Therapy, and Software Freedom A Proposal for Using Music to

The Art of DJing, Psychedelic Therapy, and Software Freedom A Proposal for Using Music to Maximize Therapeutic Outcomes Be Wilson MD candidate, University of Illinois at Chicago Mixxx DJ Software developer Introduction Feel free to ask

503 views • 17 slides
Making Open Source Hardware IoT with Raspberry Pi Leon Anavi Konsulko Group

Making Open Source Hardware IoT with Raspberry Pi Leon Anavi Konsulko Group

Making Open Source Hardware IoT with Raspberry Pi Leon Anavi Konsulko Group leon.anavi@konsulko.com OpenIoT Summit 21-23 February, Portland, Oregon Agenda Raspberry Pi add-on boards for IoT Raspberry Pi HAT Raspberry Pi pHAT

484 views • 32 slides
Internet of Things (IoT) Raspberry Pi Summer Camp Tech Talk Raspberry Pi Camp IoT 1

Internet of Things (IoT) Raspberry Pi Summer Camp Tech Talk Raspberry Pi Camp IoT 1

Internet of Things (IoT) Raspberry Pi Summer Camp Tech Talk Raspberry Pi Camp IoT 1 Introduction to IoT Raspberry Pi Camp IoT 2 IoT Source: IEEE ComSoc Raspberry Pi Camp IoT 3 What is Internet of Things (IoT) - 1 According to

168 views • 15 slides
RASPBERRY PI IN AMATEUR RADIO Matthew Miller KK4NDE http://kk4nde.com WHAT IS RASPBERRY PI

RASPBERRY PI IN AMATEUR RADIO Matthew Miller KK4NDE http://kk4nde.com WHAT IS RASPBERRY PI

RASPBERRY PI IN AMATEUR RADIO Matthew Miller KK4NDE http://kk4nde.com WHAT IS RASPBERRY PI Raspberry Pi Conventional PC Runs Linux operating system Runs Linux, Windows, MacOS, etc ARM Processor Intel x86 or x86-64 Processor

679 views • 20 slides
TOS for the Raspberry Pi Yeqing Yan Abhijit Parate Anoja Rajalakshmi Arno Puder Overview:

TOS for the Raspberry Pi Yeqing Yan Abhijit Parate Anoja Rajalakshmi Arno Puder Overview:

TOS for the Raspberry Pi Yeqing Yan Abhijit Parate Anoja Rajalakshmi Arno Puder Overview: Hardware Architecture of the Raspberry Pi ARM Assembly Boot Sequence Context Switch Exception Handling Framebuffer 1 Raspberry

950 views • 79 slides
Software Security: Defenses &amp; Principles CS 161: Computer Security Prof. Vern Paxson TAs:

Software Security: Defenses &amp; Principles CS 161: Computer Security Prof. Vern Paxson TAs:

Software Security: Defenses &amp; Principles CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman, Mobin Javed, Antonio Lupher, Paul Pearce &amp; Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ January 29, 2013 Testing

964 views • 50 slides
Software Freedom &amp; Bro Karen M. Sandler BroCon September 13, 2016 I am Executive

Software Freedom &amp; Bro Karen M. Sandler BroCon September 13, 2016 I am Executive

Software Freedom &amp; Bro Karen M. Sandler BroCon September 13, 2016 I am Executive Director, Conservancy Pro bono counsel Free and open source software enthusiast A patient @o0karen0o @Conservancy Actually, I have a big

694 views • 27 slides
Software Security: Principles CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman,

Software Security: Principles CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman,

Software Security: Principles CS 161: Computer Security Prof. Vern Paxson TAs: Jethro Beekman, Mobin Javed, Antonio Lupher, Paul Pearce &amp; Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ January 31, 2013 TL-15 TL-30

955 views • 61 slides
Everything I know about Kubernetes I learned from a cluster of Raspberry Pis Jeff Geerling

Everything I know about Kubernetes I learned from a cluster of Raspberry Pis Jeff Geerling

Everything I know about Kubernetes I learned from a cluster of Raspberry Pis Jeff Geerling (geerlingguy) Builder Track - www.pidramble.com http://www.shockinglydelicious.com/dorothys-fresh-raspberry-pie-recipe/ The Big Question What can I do with

821 views • 25 slides

More recommend