When people join a new workforce, they often find themselves saying: “I am in way over my head.” I experienced that during my first week as an intern at the Leahy Center for Digital Investigation (LCDI). It was only my second week of my first year of college, and I couldn’t wait to get my foot in the door and start my internship at the LCDI. I was a part of a team of three (Matthew Eckhardt, Jordan Kimball, and Jessica Hunsberger), and immediately I noticed that our project was more complicated than anything we had done before. None of us knew where to begin with an “Automated Network Scanner.” We didn’t have the answers right off the bat. Luckily for us, the LCDI is a place for people who don’t always know all the answers, as the truth is, nobody does. My team and I got to work, and found out we were a lot more capable than we previously thought. The following is the culmination of our work and research into Nmap, port scanning, and Raspberry Pi’s.
What we learned so farFirst, we should explain what it is we are actually doing. Our team was tasked with creating an “Automated Network Scanner”—that is, a device that could be plugged into the network at the LCDI and scan it for available ports, hosts, and services, as well as give a report on what it found. In pursuit of this goal, we learned how to use Nmap, an industry staple for scanning and testing a network for vulnerabilities.
This, by itself, was not too difficult. If you do your research, you can download Nmap and figure it out, no problem. The difficulty comes in the “automated” part of “Automated Network Scanner.” We solved this problem with Python 3. It turns out that Nmap can be inserted as a part of a Python script. One of the great boons in this project was that almost everything we were working on was well documented online, albeit small pieces individually. Using this knowledge, we learned we could inject the script into a Raspberry Pi’s startup protocols, and run the script as soon as the Raspberry Pi turned on. Furthermore, using Python allowed us to create a formatted report, and send it to a private email account automatically.
ConclusionAll in all, our research and effort put towards this project have proved successful. Our team has been moving at a steady rate, and our Automated Network Scanner is almost complete. This technology has a lot of widespread utility as this machine could be used by just about any person or organization who is heavily invested in a computer network. Creating a map of your network and potential vulnerabilities is extremely useful, especially in this current digital age. The next step for our team is perfecting our scripts, making sure our scanner is as efficient and informative as possible, and then setting up a mock network out of Raspberry Pi’s and testing the scanner on it, before testing it on the LCDI network.
To learn more about this and other blogs of the LCDI visit us here: LCDI Blog.
Stay in the loop on our current and upcoming projects and events by following us on Facebook, Twitter, or Instagram.
The post Experiences, Accomplishments, and Lessons Learned appeared first on The Leahy Center for Digital Investigation.