# Local Network and Router Security Notebook

This notebook is for people who want to learn about tools they can use to secure their network environment. It introduces a range of tools that you can adapt to your own needs.

# Prerequisites

You'll need to have Python 3+ installed. You can download it here if you don't already have it installed:

https://www.python.org/downloads/

Also, this tutorial will be much easier on a Linux or Mac machine.

# Installing Tools

We will use the tools below to scan your wireless environment.

- routersploit: Contains a scanner that automatically checks your router for common vulnerabilities.
- netdisco: Scans your network and returns information about hardware on your network.

The code below will automatically install all of these tools. If you don't want to use a tool or if a tool won't install on your platform, change the corresponding variable below to False.

In [None]:
# Change these variables to False if you don't want to install the tool
routersploit = True
netdisco = True

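import subprocess

def install_routersploit():
    # Each os.system() call runs in its own shell, so a separate "cd" does not
    # carry over to the next call; cwd= runs pip inside the cloned directory.
    subprocess.run(["git", "clone", "https://www.github.com/threat9/routersploit", "routersploit"], check=True)
    subprocess.run(["sudo", "python3", "-m", "pip", "install", "-r", "requirements.txt"], cwd="routersploit", check=True)
    print("Installed routersploit")
    
def install_netdisco():
    subprocess.run(["pip3", "install", "netdisco"], check=True)
    print("Installed netdisco")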
    
if routersploit:
    install_routersploit()
    
if netdisco:
    install_netdisco()
    

# Scanning your network for devices

One useful step is gathering information about the devices connected to your network. You can determine how many devices are on your network, examine specific devices for security issues, or learn more about all devices.



## ARP Scan

An ARP scan gives you basic information about some devices connected to your network. It's useful for finding out how many devices are on your network or for getting a list of IP addresses of devices on your network.

Run the code cell below. This will run `arp -a` in your computer's shell, giving you a list of some devices connected to your network.

In [None]:
import subprocess

arp_results = subprocess.check_output("arp -a", shell=True).decode("utf-8").split("\n")
for result in arp_results:
    print(result)

Each line looks like this:

`[device name] ([device local IP address]) at [device MAC address] on [connection information]`

- `device name` is a name assigned to that device. It usually identifies the device, but it can be inaccurate if lots of devices are on the network.
- `device local IP address` gives you the address this device uses to communicate on your network. You can use this in later sections to learn more about this device.
- `device MAC address` gives you a unique identifier for the device, but this isn't too useful for this guide.
- `connection information` gives you network interface information that isn't too useful for this guide.

Generally, you can use an ARP scan to get a list of IPs on your network. In the next section, you can use this information to scan a specific IP address to learn more about that device.
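The line format above can be parsed into a device list and compared against your own inventory. This is an added example, not part of the original notebook; `parse_arp`, `unknown_devices` and the sample output are constructed for illustration, and it assumes the macOS and Linux `arp -a` layouts shown in the sample.

```python
import ipaddress
import re

# Matches the macOS layout ("at MAC on en0 ...") and the Linux one ("at MAC [ether] on wlan0").
ARP_LINE = re.compile(
    r"^(?P<name>\S+) \((?P<ip>[0-9.]+)\) at (?P<mac>\S+) (?:\[\w+\] )?on (?P<iface>\S+)"
)

def normalize_mac(mac):
    """Zero-pad and lowercase a MAC; return None for '(incomplete)' and other non-MACs."""
    parts = mac.lower().split(":")
    if len(parts) != 6 or not all(re.fullmatch(r"[0-9a-f]{1,2}", p) for p in parts):
        return None
    return ":".join(p.zfill(2) for p in parts)

def parse_arp(output):
    """Return one dict per real device, skipping unresolved, broadcast and multicast rows."""
    devices = []
    for line in output.splitlines():
        m = ARP_LINE.match(line.strip())
        if not m:
            continue
        mac = normalize_mac(m["mac"])
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue
        if mac is None or mac == "ff:ff:ff:ff:ff:ff" or ip.is_multicast:
            continue
        name = None if m["name"] == "?" else m["name"]
        devices.append({"name": name, "ip": str(ip), "mac": mac, "iface": m["iface"]})
    return devices

def unknown_devices(devices, known_macs):
    """Devices whose MAC is not in your own inventory of expected hardware."""
    known = {normalize_mac(k) for k in known_macs}
    return [d for d in devices if d["mac"] not in known]

# Constructed sample output (not captured from a real network).
SAMPLE = """\
? (192.168.1.1) at a4:2b:8c:1:2:3 on en0 ifscope [ethernet]
livingroom-tv.lan (192.168.1.23) at 0:1c:b3:9:85:15 on en0 ifscope [ethernet]
? (192.168.1.50) at (incomplete) on en0 ifscope [ethernet]
? (192.168.1.255) at ff:ff:ff:ff:ff:ff on en0 ifscope [ethernet]
? (224.0.0.251) at 1:0:5e:0:0:fb on en0 ifscope permanent [ethernet]
printer (192.168.1.40) at 00:11:22:33:44:55 [ether] on wlan0
"""

print(unknown_devices(parse_arp(SAMPLE), ["A4:2B:8C:01:02:03"]))
```

To use it on your own network, pass the decoded output of `arp -a` to `parse_arp` instead of `SAMPLE`.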

## nmap Scan

Devices on your network may have open network ports. An open port provides a gateway for other devices to communicate with that device.

Generally, you only want to open a port if it's necessary. Unnecessary open ports can provide ways for hackers to steal information from devices on your network.

`nmap` is a tool you can use to scan a specific device on your network to see which ports are open on it.

#### Fast Scan

The below code checks for commonly opened ports on the IP `192.168.1.1`, which is probably your router. Feel free to modify the `ip` variable to scan different devices.

In [None]:
ip = "192.168.1.1"  # Should look like "192.168.XXX.XXX"

import subprocess

# Pass the arguments as a list so the value of ip is never interpreted by a shell
nmap_results = subprocess.check_output(["nmap", "-F", ip]).decode("utf-8").split("\n")
for result in nmap_results:
    print(result)

The scan gives a list of open ports:

`PORT                        STATE            SERVICE`  
`[port number]/[protocol]    [port state]     [port purpose]`

- `port number` indicates the number of the port, from `1-65535`, that is being described.
- `port state` usually indicates if the port is `open` or `closed` to traffic.
- `port purpose` indicates the type of traffic that port usually handles. For instance, port 80 handles HTTP (regular Internet) traffic, while port 443 handles HTTPS (secure Internet) traffic.
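Since you only want ports open when they are necessary, it helps to compare the scan against the ports you expect. This is an added example, not part of the original notebook; `parse_nmap_ports`, `unexpected_open`, the expected-port set and the sample scan output are constructed for illustration.

```python
import re

# One row of nmap's port table, e.g. "23/tcp   open     telnet".
PORT_ROW = re.compile(
    r"^(?P<port>\d+)/(?P<proto>tcp|udp|sctp)\s+(?P<state>\S+)\s+(?P<service>\S+)"
)
REPORT_PREFIX = "Nmap scan report for "

def parse_nmap_ports(output):
    """Return {host: [(port, proto, state, service), ...]} from nmap's normal output."""
    hosts, current = {}, None
    for line in output.splitlines():
        if line.startswith(REPORT_PREFIX):
            current = line[len(REPORT_PREFIX):].strip()
            hosts[current] = []
            continue
        m = PORT_ROW.match(line)
        if m and current is not None:
            hosts[current].append((int(m["port"]), m["proto"], m["state"], m["service"]))
    return hosts

def unexpected_open(hosts, expected):
    """List (host, port, proto, service) rows that are open but not in `expected`.

    `expected` maps host -> set of (port, proto) you have decided are necessary.
    A host missing from `expected` has every open port reported.
    """
    findings = []
    for host, rows in hosts.items():
        allowed = expected.get(host, set())
        for port, proto, state, service in rows:
            if state == "open" and (port, proto) not in allowed:
                findings.append((host, port, proto, service))
    return findings

# Constructed sample scan output (not captured from a real device).
SAMPLE = """\
Nmap scan report for 192.168.1.1
Host is up (0.0040s latency).
Not shown: 95 closed tcp ports (conn-refused)
PORT     STATE    SERVICE
23/tcp   open     telnet
53/tcp   open     domain
80/tcp   open     http
443/tcp  filtered https
5000/tcp open     upnp
"""
EXPECTED = {"192.168.1.1": {(53, "tcp"), (80, "tcp")}}  # assumed baseline for this sample

print(unexpected_open(parse_nmap_ports(SAMPLE), EXPECTED))
```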

#### Scanning a specific port

The below code scans the IP `192.168.1.1` to see which ports in the range `1-4096` are open. Again, feel free to modify the variables to scan different devices or ports.

In [None]:
ip = "192.168.1.1"  # Should look like "192.168.XXX.XXX"
port = "1-4096"     # Should be a number from 1-65535 (e.g. "443"), or a range of numbers (e.g. "1-1024").

import subprocess

# Pass the arguments as a list so the values of port and ip are never interpreted by a shell
nmap_results = subprocess.check_output(["nmap", "-p", port, ip]).decode("utf-8").split("\n")
for result in nmap_results:
    print(result)

## netdisco Scan

An ARP scan gives you basic information about all of the devices on your network, while an nmap scan gives you information about open ports on a specific device. Another tool, `netdisco`, gives you hardware information about certain devices. This is useful for finding the IP of devices you know some hardware information about, like a Chromecast or a Smart TV.

Run the code block below to run the `netdisco` scan.

In [None]:
import subprocess

netdisco_results = subprocess.check_output("python3 -m netdisco", shell=True).decode("utf-8").split("\n")
for result in netdisco_results:
    print(result)

You can see that the output includes information like the device name and serial number, which can be useful for identifying a specific device on your network. It also describes some network information, like open ports and UPnP information.