The post Network Automation Update 2 appeared first on The Leahy Center for Digital Investigation.
Introduction The Network Automation script has evolved and flourished with each new idea. The scanner has some awesome new features, too! Through this blog post, we plan on elaborating on the process. We’ll also highlight some cool features and services that our Pis have. Changes to the Network Automation Scanner Over the past few weeks, we have had a lot of trial and error, but with every fallback, we would take a greater leap forward. We tried to have the scanner files upload to Dropbox. But we realized that the scanner wouldn’t have internet access on the Pi network. This led us to add code to copy the files to a flash drive and then delete them from the Pi. To know that the scan finished and the results had copied to a flash drive, we added a sound cue. Later, a flash from the power LED was also added in case the user does not have headphones plugged in. With the hope of having a more in-depth scan of the web servers, we added a Nikto scan. We also added code to record the date and time of the scan. We can now capture how long the scan takes and what needs to change. Testing After finalizing the script, we started testing it on a network of Raspberry Pis. By running services on the Pis, we are better able to determine the effectiveness of our network scanner. Keeping meticulous notes, we noted the time that it took for the scan to finish. We also noted the services on the pi that were being scanned. And we made comments based on things we noticed during the scan Troubleshooting During the first official test, we noticed that the USB stick was not plugged in. This means the files were not copied to the USB, but they were being deleted from the Pi. To eliminate the chance of this happening again, we added an error detection that prevents the deletion of the files if a USB is not detected. We also simplified things by putting all the scan files into a tar file and compressing it by using gzip. It also has a configuration window for turning Dropbox and email copying on or off. Conclusion Over the course of the semester, our scanner has changed greatly. We have added new features such as troubleshooting to increase the effectiveness of our scanner. We can also keep track of how long a single scan takes. By adding new features to our scanner we can increase its ability to test the security of computer networks. The LCDI always welcomes feedback! Check us out on Facebook, Twitter, or read our other blogs! You can also reach us by email at: email@example.com.