NetPi Initial Build Details (Pre-Release)

Welcome to the build…

The initial plan is to build a network analyzer to ideally compete with the features of commercial products available on the market. In doing so, I plan on creating a build guide once I am complete with my own design and testing. This guide will list the hardware with links for purchase on Amazon, and either provide a documented list of all installed software and custom scripts or a rolled up .img to format onto a microSD for your own Raspberry Pi. I’m still working out how to physically package this mod and its battery component into a portable case, and am thinking a 3D printer and custom mold may be the best option.

Check out the images below and brief descriptions. I’m including the current bash script I’m tinkering on below all of these photos. The NetPi is only part way through completion of even the first capability, but I’m going to keep working on it during my free time. Keep in mind the Fluke NetTools will run you $500+, and certain models over $2,000 USD.

Current Status: In development. Contribute to scripts and ideas via the GitHub link below. This status will be updated and a final release/build page will be created as this project progresses.

Latest Changes: Added “Stealth/Active/PenTest” switch. Confirmed that the Stealth mode iptables entry blocks all communication; however, this should still allow packets inbound, such as CDP/LLDP. All modes shift the wallpaper so the user is aware of the current environment. Added code to GitHub, added photos below.

Contribute on GitHub: https://github.com/BlameTheNetwork/NetPi

Donate to the beer fund if you like this project: http://blamethenetwork.com/project-donations/
Discussion forum for NetPi: http://blamethenetwork.com/forums/forum/netpi-discussion/

Initial Specs: Linux Version: linux raspberrypi 3.12.34+ // Screen Resolution: 480 x 320.

Initial packaging the Raspberry Pi B+’s arrived in. Keep in mind there is a Raspberry Pi 2, which has more CPU capabilities. Ideally I may switch to that model for the end result, however I should be able to use a built image and port it over.

Wireless card I’m currently using, as I figured a “Management” interface would assist outside of the ethernet port where the testing will take place. From the MGMT interface, you can SSH in remotely and run test commands if you have to leave the device during troubleshooting.


Unboxing of one of the Pi’s. It’s like Christmas.

I mounted the Pi in a case I found online, however end result will likely not include this portion as it doesn’t account well for 4in LCD as well as a battery for self sustainment. Just wanted to let everyone know there are options available if desired.

Got the little guy running and HDMI output to my TV functioning. I ran into some driver issues relating to the onboard LCD touch panel, so I had to start here and work my way up.

Another honorable mention for lessons learned: MicroSD card brands, sizes, and write speed standards are a huge deal when dealing with Raspberry Pi’s. There is a bunch of open source documentation on which ones work. Also pictured is the 4 inch LCD touch panel I ended up using in the current build seen down below.

4in LCD touch panel running the kernel… this particular image came with included bloatware. Who doesn’t want to run Minecraft though, honestly?!

Again, I will follow up with software install requirements later or release an IMG, but CDPR and its dependencies were a huge part in initial CDP discovery capabilities. Don’t reinvent the wheel, folks. Someone smarter has already built whatever you want… unless they haven’t, I suppose.

Knocking out the bash script locally on the device that will pull CDPR data, truncate a few lines, and output that data to HTML in a clean format for fullscreen browser view. I did a side-by-side on browser speeds and found Dillo to be the most responsive on this build. It also had a clean fullscreen ability. I will be taking metrics on benchmarks of boot time and use of various features once complete.

Early build of the bash script outputting data, before I ran sed against a few lines and also cleaned up its look.

Same script, with unneeded output truncated and formatted a bit cleaner. Buttons are not active currently and will be resized to help with the touch screen’s resolution, and I will be adding other features within.

Sadly I didn’t have a Cisco device to slap this on right away, but luckily for me I had a few VoIP phones that were on the network trying to phone home. The script picked their CDP packets up when they would finally send them. On a Cisco switch/router I expect response time to be much faster.

Of course I had to pimp out the wallpaper. The bash script up top will likely not even be how to run this once complete. My plan is to build up an application or web interface with easy buttons for all of the available applications. This will load as soon as the operating system boots for speed and ease of use.

Where we stood March 9th, 2015.

New Look March 10, with wallpapers that change based on current mode (stealth, active, pentest).

The CDP Reporting bash as of March, 2015:

#!/bin/bash
###
### NetPi CDP Information Visual Script
### Blamethenetwork.com | No license, modify to fit needs
### Buy me a beer if you learned anything, or like beer.
###

#######################################
# Define the CDP Information as a var #
#######################################
nic="wlan0"
# Drop the first four lines of cdpr output and its status messages.
cdpdata=$(sudo cdpr -d "$nic" | sed 1,4d \
  | sed '/Waiting for CDP advertisement:/d' \
  | sed '/transmit CDP packets/d')

#######################################
# HTML Content // Edit to your needs  #
#######################################
open="<html><head><title>CDP Output</title><style type=text/css>BODY {
color:#FFFFFF; background-color:#000000;
}</style></head><body><h1>NetPi CDP Details</h1><pre>"
close="</pre><br/><input type='button' value='Save Report'/><input
type='button' value='New Scan'/></body></html>"

######################################
# Write content to HTML file         #
######################################
_file="/home/pi/Documents/CDP"
# Make sure the report directory exists before writing to it.
mkdir -p "$_file"
echo "$open" > "$_file/report.html"
echo "$cdpdata" >> "$_file/report.html"
echo "$close" >> "$_file/report.html"

#####################################
#Open output in Dillo. Fastest load #
#####################################
dillo -f "$_file/report.html"
##################################
# We're done here. -Cave Johnson #
##################################
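
The report script above writes cdpr output straight into report.html, and CDP fields such as the device ID are chosen by whatever neighbour sent the frame, so they should be HTML-escaped before they reach the browser. This is an added example, not part of the NetPi scripts; the function names and the sample cdpr-style output are constructed for illustration.

```shell
#!/bin/bash
# Added example: escape neighbour-supplied CDP text before it goes into the report.
# html_escape, build_report and sample_cdp are illustrative names, not NetPi code.

# Escape the characters that would let field contents be parsed as markup.
# '&' is handled first so the entities produced by the later rules stay intact.
html_escape() {
  sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' \
      -e 's/"/\&quot;/g' -e "s/'/\&#39;/g"
}

# Read filtered cdpr output on stdin, write the complete report page to stdout.
build_report() {
  printf '%s\n' '<html><head><title>CDP Output</title></head><body>'
  printf '%s\n' '<h1>NetPi CDP Details</h1><pre>'
  html_escape
  printf '%s\n' '</pre></body></html>'
}

# Constructed sample: a device ID that tries to close the <pre> block and add
# its own heading, plus a port description containing '&' and quotes.
sample_cdp() {
  cat <<'EOF'
Device ID
  value:  SEP001122334455</pre><h1>injected</h1>
Addresses
  value:  192.0.2.10
Port ID
  value:  Port 1 & "uplink"
EOF
}

# Demo: ./escape-report.sh --demo > report.html
if [ "${1:-}" = "--demo" ]; then
  sample_cdp | build_report
fi
```

In the real script the pipeline would be `sudo cdpr -d "$nic" | sed ... | build_report > "$_file/report.html"`.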

 

#!/bin/bash
###
### Call process to Switch Network interface On / Off
### Stealth mode being ideal for CDP info without sending a MAC
### as to not trip any layer 2 security. Call with ./netmode [stealth|active|pentest]
### BlameTheNetwork.com/NetPi
###
#
### Define Interface to manage. Change if you do your testing over wireless.
nic="eth0"
###
### Switch output based on argument - all wallpaper commands intended for lxde env.
###
if [ "$1" = "stealth" ]; then
 ## Block all outgoing traffic on $nic (add the rule only if it is not already there)
 echo "Killing traffic, going stealth..."
 sudo iptables -C OUTPUT -o "$nic" -j DROP 2>/dev/null || sudo iptables -A OUTPUT -o "$nic" -j DROP
 pcmanfm --set-wallpaper=/netpi/analyzestealthwallpaper.jpg --wallpaper-mode=fit
elif [ "$1" = "active" ]; then
 ## Allow all outgoing traffic on $nic
 echo "Going hot! talking on the net..."
 # Delete the DROP rule only while it exists, so iptables does not complain
 # about a missing rule and stacked duplicates are all removed.
 while sudo iptables -C OUTPUT -o "$nic" -j DROP 2>/dev/null; do
  sudo iptables -D OUTPUT -o "$nic" -j DROP
 done
 pcmanfm --set-wallpaper=/netpi/analyzeactivewallpaper.jpg --wallpaper-mode=fit
elif [ "$1" = "pentest" ]; then
 ## Oh boy... heading to the dark side...
 #ToDo Here - load pen test toolset application. Update this...
 echo "Switching to Pen Test software load..."
 pcmanfm --set-wallpaper=/netpi/pentestwallpaper.jpg --wallpaper-mode=fit
else
 echo "Unknown or Undefined Action. Blocking Traffic out to be safe..."
 sudo iptables -C OUTPUT -o "$nic" -j DROP 2>/dev/null || sudo iptables -A OUTPUT -o "$nic" -j DROP

 echo "Network rules successfully modified."
fi
###
### Make life rue the day it thought it could give Cave Johnson Lemons!
### We're done here.
###
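
The stealth switch above only touches iptables, which filters IPv4; IPv6 and ARP frames are handled by ip6tables and arptables and also carry the interface's MAC address. The sketch below is an added example, not the project's script: it applies the same OUTPUT DROP rule through all three tools, assuming ip6tables and arptables are installed, and `apply_mode` and `NETPI_RUN` are illustrative names.

```shell
#!/bin/bash
# Added example (not the NetPi project's script). apply_mode and NETPI_RUN are
# illustrative names; assumes ip6tables and arptables are installed with iptables.

# iptables filters IPv4 only. IPv6 (neighbour discovery, router solicitations)
# and ARP are filtered by ip6tables and arptables.
FILTERS="iptables ip6tables arptables"

# Prefix for privileged commands; override it to dry-run or test without root.
NETPI_RUN=${NETPI_RUN:-sudo}

# apply_mode <stealth|active> <interface>
# Returns 0 on success, 1 if a rule could not be added, 2 if the mode was
# unknown (the interface is then blocked, as in the original script).
apply_mode() {
  mode=$1 nic=$2 rc=0
  case $mode in
    stealth|active) ;;
    *) echo "Unknown mode '$mode', blocking $nic to be safe" >&2
       mode=stealth rc=2 ;;
  esac
  for f in $FILTERS; do
    if [ "$mode" = stealth ]; then
      # Append without deleting first: a duplicate rule is harmless, while
      # delete-then-add would leave a short window with no rule at all.
      $NETPI_RUN "$f" -A OUTPUT -o "$nic" -j DROP || rc=1
    else
      # Remove every copy, so one "active" call undoes repeated stealth calls.
      while $NETPI_RUN "$f" -D OUTPUT -o "$nic" -j DROP 2>/dev/null; do :; done
    fi
  done
  # Senders that use raw packet sockets (a DHCP client, for example) bypass
  # netfilter and have to be stopped separately.
  return $rc
}

# Run only when called with arguments, e.g. ./netmode-all stealth eth0
if [ $# -ge 2 ]; then apply_mode "$1" "$2"; fi
```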

Thanks for stopping by. Check back soon for the latest updates. I’ll be sure to post again around various sites once I’m complete. Shout out to the Packet Overlords in /r/networking.


3 Comments

  • stitch

    Hi, your NetPi solution looks sik! I noticed you started out using the B+ version for development. Do you anticipate any issues in using NetPi for the older model B version?
    Thanks!

  • jamesb2147

    Hi there,

    I realize this is ancient, but would be really useful. Any chance you remember what web server/configuration you used? Tried flashing the pre-built .img for use with a RPi3 with no luck. No big deal as I cloned the github repo, but IDK how to configure this to run .sh files from a web browser.

    Have a great day, and thanks for sharing this awesome project!

  • pascal

    Can you make this for the Pi 3? I hope so.
