Welcome back to Automated Network Scanning % teams official blog. We have been up to some exciting things since our last post. The first and most exciting thing that we did this month was get our script working. This was the main focus of the team since the beginning of the semester and we spent the majority of our time working on it. We went above and beyond to make sure our script was fully functional and had no bugs. We also were able to get our Raspberry Pi’s working which included adding some servers onto them to test our scanner.Our First Script
Our team worked hard this month on creating a basic version of our script. Through a lot of trial and error we ended up creating a pretty in depth script. It allows us to perform many different types of scans including a TCP SYN scan, a UDP scan, a TCP connect scan, and a SCTP INIT scan. We also added a feature that allows us to perform a full comprehensive TCP SYN and UDP scan on all available ports, not just the default 1,000.
From here, the team decided to choose email for our output option in our script. Every time we run a scan using our script, each member gets an email with the results of the scan. This email includes information like the IP address of the scanned host , the scan date and time, how long the scan took, the MAC address of the scanned host , the status of the host, what OS the host is using, which ports are open, what services are being run on those ports, and what OS those services are using. We are very happy with the current state of our scanner. We are farther along with it then we thought we would be at this point. Now, the only aspect of our script that we know needs improvement is automation.Raspberry Set Up
In October, the team made a lot of headway into setting up our Raspberry Pi. The first thing we did was configure the SD card. This entailed wiping the card and reinstalling all the services we would need. From there we needed to find a way to get our Pi connected to the internet. Our first idea was to use the USB WiFi adapter to connect to the school WiFi. While this method ended up working, but was extremely slow. We instead decided to connect to the internet using Ethernet. This method proved to be much faster. We used our new internet connection to install server software onto our Pi. We installed an SSH server, a file server using Samba, and a web server using Apache. Our Pi’s are now imaged and ready to go.In the Next Month
We are making haste towards completing our project goal of creating an Automated Network Scanner. In the next month, we will be testing our script on our Pi and the servers we installed, as well as move to some more advanced networks. We hope that November will see us test our Network Scanner on the LCDI Network itself. We will be tweaking our script while we run these scans to try to get faster scan times and add more automation to it. In the meantime, stay connected to us by tuning into the LCDI twitter feed where we will post weekly updates as we continue working on our project.
The post Network Scanning Version 1.0 appeared first on The Leahy Center for Digital Investigation.