-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Author: GDCosmo
This project began with the intention of building a Raspberry Pi based network sniffer.
A network sniffer is a tool that captures and analyzes network traffic, helping with troubleshooting, monitoring, and protocol analysis. It can also be used maliciously. But we will not be doing that. This is a device for monitoring a network owned by you, DO NOT scan or sniff a network that you do not have expressed permission to do so. If you do, you are not operating within the scope of this project
The initial direction deviated into more of a passive monitoring tool to inventory and map a network, provide security insights, and host a local web server with node.js to show the results. The hardware was an 8 GB Raspberry Pi 4B enclosed in custom case. A 32 GB memory card was used. The device was meant to connect directly to a network via Ethernet cable and was not intended to operate over WiFi (for scanning purposes). The device was to be autonomous and scan on a scheduled basis set by the user. It included a whiptail GUI (similar in layout to raspi-config) with some custom scan options.The Raspberry Pi also included connection LEDs for ethernet, WiFi, scan status, and power. It also has a sleep/wake button.
This implementation is a refactoring of the initial project. The goal is to make it more robust and support a stand alone package that functions on Ubuntu-latest. These types of tools already exist and it is nothing new in and of itself. Put simply, it is a small form factor, inexpensive, and highly customizable, Swiss Army Knife-like network monitor. It is being refactored with a simpler interface to keep track of your devices, look for vulnerabilities, monitor performance, flag unusual activity and then sniff to get more info. There are many other convenience tools related to network management that can be added to customize it as well.