Network Automation Update 3: The Finished Pi Script

Introduction

With the semester coming to a close, the Network Automation  project is coming to completion. We’ve finalized our script and run some real world tests. And we’ve done some final troubleshooting to create a finalized, all in one script to scan a network with almost no user interaction.

script

Finalizing the Script

These past few weeks we have worked hard to improve the usability of the scan. For example, previous versions of the script required the user to have all the scan files in the downloads file of the user named pi. We first tried to fix this by putting the files in the root directory but the scan failed to run at boot. Then we tried creating a new user on the pi called netscan and this worked. We then added the code to create this user and move the files to the proper folder to our setup script preventing the issue for good.

Real-World Testing

As we said in our last update the scan was able to run at boot and run both nmap and nikto against our test network. Once we had a finalized script that we knew was functioning we began to run scans against a real network of computers. In the past we ran it on the simple network of other pis we did our testing on. Specifically, this was the LCDI’s network. These tests are important to our assessment of pis as network scanners. The scanner’s ability to function on an actual network of computers is critical. The pis offered us an excellent opportunity to make sure the code would run. But they have no antivirus or security enabled. These measures could block our scan rendering the device useless.

Troubleshooting

The scanner as expected took longer to run than on our test network as there are more computers on the LCDI network than on our test network of Raspberry Pis.  As we started testing out our scanner on the LCDI network we ran into a few problems.  When we ran nikto it would scan at a time which caused the scanner to run slower. nmap would also take a considerable amount of time as it would scan loads of ports as well on multiple computers.

Conclusion

After testing the network scanner on the LCDI network we came to the conclusion that the Raspberry Pi should not be used as a network scanner. The limited processing power can cause operations like Nmap and nikto can take a while as the would have to scan hundreds of hosts on one network. Even adding timeout options can still result in the scan freezing. We instead believe that the script we wrote should be used on a more powerful device.

The LCDI always welcomes feedback! Check us out on Facebook, Twitter, or read our other blogs! You can also reach us by email at: lcdi@champlain.edu.

More Research Projects
CyberRange Team: Creating The Perfect Sandbox Environment
The Internet of Things Team: An Inside Look
CyberTech: Creating a Safer Internet Through Education