Forensic Blogs

An aggregator for digital forensics blogs

by

Automated Network Scanner! The Final Blog

Testing Our Script

Automated Network Scanning ! team has successfully completed their project by capping off the testing phase. The testing phase was divided into four phases. As we had configured our script to execute on boot, we would start each cycle by rebooting the Raspberry Pi. To implement this, we enabled auto-login on boot with the raspi-config command. In the process of booting to command line, Raspbian runs the commands stored in the .bashrc file. We used the .bashrc to start a bash script on boot. This bash script uses the cat command to read a file in the system that contained the network’s connectivity status and launched the scan when appropriate, moving our test cycle to the next step.

Flowchart of scan cycles

Once our team entered the scan running portion of the scanning cycle, our team would log into the Raspberry Pi with PuTTY, an SSH client. SSH clients allow remote control of computers through a command line. Although interacting solely through a command line may be considered an inconvenience, we were quite comfortable with the Linux Command line. To check if our scan was running, we used htop, a command line process viewer. Our team would inspect the htop window for a python3 process running our script and an nmap process. If both were present, as shown below, we could be sure that our script was running.

htop, a process manager service operated from the command line on our Raspberry Pi

Once our script finished, the report was automatically sent to an email address, alerting our team, no matter where they were, that the scan had finished. Our team would read through the report and would then move onto changing the scanner’s settings on the Raspberry Pi. Through PuTTY we were able to remotely interface with the Raspberry Pi. Once we finished this, we rebooted the Pi to start the cycle again.

 

Conclusion

Throughout this iterative cycle, we became intimately familiar with the function of an SSH client, and learned about several tools that allow operating Linux systems through command line to become easier, such as htop, a process manager, and ranger, a file explorer.  Overall, in this semester, we learned much more about the process of maintaining security on a network through mapping the network.

The post Automated Network Scanner! The Final Blog appeared first on The Leahy Center for Digital Investigation.