Distributed Wifi Monitoring (aka Panoptes)

Project to collect and graph critical information about a wifi network.

Team members

• Thomas Doyle

Dependencies

• Python 3.6 or higher
• Pip3 for repository

How to install

Installing the OS

First we need to download the kali linux image from kali website

Or with the following command

$ wget https://images.offensive-security.com/arm-images/kali-linux-2018.1a-rpi3-nexmon.img.xz

Remember : Never download Kali Linux images from anywhere other than the official sources, and you should go here to see how to verify your image

Once we have our image we want to write it to and sd card. Insert the sd card into your machine and type

$ sudo fdisk -l

Find the disk that is your sd card (should be something like /dev/sdb, but may not)

Warning Make sure this is not your harddrive and is your sd card, everything will be overwritten

When you have found your card you can write the image to the card with the following command

$ sudo dd if=PATH of=DEST bs=512k

where PATH will be the path to where you downloaded the fie to and DEST will be the path to your sd card we found earlier, e.g. /dev/sdb

Now you can remove your sd card pop it in your pi and boot it up. We are gonna need a monitor keyboard and mouse for this next bit

Installing the Software on the OS

$ git clone https://gitlab.computing.dcu.ie/doylet9/2018-CA326-tdoyle-distributedwifimonitoring.git
$ cd 2018-CA326-tdoyle-distributedwifimonitoring/code/
$ chmod +x install.sh
$ ./install.sh

How to use

• Once installed all the plugins will run on reboot.
• If you do not want to reboot you can run them manualy by running the following options

$ ./start # To start all the plugins

$ ./stop  # To stop  all the plugins

$ ./start && ./stop # To restart all the plugins

If you do not like, want or need a plugin just move it to another folder

$ mkdir bakupPlugins
$ mv pluings/example bakupPlugins/example

Configuration

You can change many things about the project so that is runs to suit your needs. The following is an example config you can use to get your started.

You should edit your config.json created after install not the config.example

You can also edit you hostname in /etc/hostname so that each node has a unique name

Example Config

{
    "slack": {
        "slack_token": "SLACK-API-KEY",
        "slack_channel": "#random",
        "slack_emoji": ":robot_face:",
        "slack_username": "Panoptes Alerts"},
    "ap_metrics":{
        "sleeptime" : 1,
        "interface" : "mon1",
        "pktcount" : 500},
    "nodeup" : {
        "sleeptime" : 5},
    "system_stats" : {
        "errorlog" : "/var/log/panoptes/system.log",
        "sleeptime" : 5},
    "ssid_detection" : {
        "interface": "mon1",
        "errorlog" : "/var/log/panoptes/system.log",
        "known_ssids" : "/etc/panoptes/known_ssids.txt"}
    "ping_metrics" : {
        "sleeptime" : 2},
    "packet_stats" : {
        "timeout" : 1,
        "interface": "mon1"}
}

• sleeptime: Refers to how often the pluings are run (seconds)
• errorlog: Refers to where logs are written for errors
• slack_token: Is the api key given to access your slack channel
• interface: Refers to what interface will be in monitor mode

Plugins created

• Ssid detection - Detects ssids spoofing trusted ones
• Metric fling - Exports metrics to graphite database
• Access Point Metrics - Collects signal from surrounding access points
• System Load Average - Collects load average for nodes
• Nodes Up - Reports if a node is up
• Ping Metrics - Reports latency metrics